Wpschoolpress CVEs and Security Vulnerabilities

Export limit exceeded: 344977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '@' (at char 12), (line:1, col:13)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344977 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25408	2 Pluginrx, Wordpress	2 Broken Link Notifier, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through <= 1.3.5.
CVE-2026-25411	2 Themastercut, Wordpress	2 Revision Manager Tmc, Wordpress	2026-04-16	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in themastercut Revision Manager TMC revision-manager-tmc allows Cross Site Request Forgery.This issue affects Revision Manager TMC: from n/a through <= 2.8.22.
CVE-2026-25416	2 Blazethemes, Wordpress	2 News Kit Elementor Addons, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through <= 1.4.2.
CVE-2026-25422	2 Themes4wp, Wordpress	2 Popularis Extra, Wordpress	2026-04-16	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP Popularis Extra popularis-extra allows Cross Site Request Forgery.This issue affects Popularis Extra: from n/a through <= 1.2.10.
CVE-2026-25432	2 Omnipressteam, Wordpress	2 Omnipress, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through <= 1.6.7.
CVE-2026-25441	2 Leadconnector, Wordpress	2 Leadconnector, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in LeadConnector LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a through <= 3.0.21.
CVE-2026-25451	2 Bold-themes, Wordpress	2 Bold Page Builder, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through <= 5.6.9.
CVE-2026-25453	2 Mdempfle, Wordpress	2 Advanced Iframe, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through <= 2025.10.
CVE-2026-25473	2 Aa-team, Wordpress	2 Wzone, Wordpress	2026-04-16	5.4 Medium
Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31.
CVE-2026-27052	2 Villatheme, Wordpress	2 Sales Countdown Timer For Woocommerce And Wordpress, Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in villatheme Sales Countdown Timer for WooCommerce and WordPress sctv-sales-countdown-timer allows PHP Local File Inclusion.This issue affects Sales Countdown Timer for WooCommerce and WordPress: from n/a through < 1.1.9.
CVE-2026-27055	2 Pencidesign, Wordpress	2 Penci Ai Smartcontent Creator, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in PenciDesign Penci AI SmartContent Creator penci-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Penci AI SmartContent Creator: from n/a through <= 2.0.
CVE-2026-27074	2 Vaakash, Wordpress	2 Shortcoder, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vaakash Shortcoder shortcoder allows Stored XSS.This issue affects Shortcoder: from n/a through <= 6.5.1.
CVE-2026-26336	1 Hyland	3 Alfresco Community, Alfresco Content Services, Alfresco Enterprise	2026-04-16	7.5 High
Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files.
CVE-2026-27327	2 Wordpress, Yaycommerce	2 Wordpress, Yaymail – Woocommerce Email Customizer	2026-04-16	4.3 Medium
Missing Authorization vulnerability in YayCommerce YayMail yaymail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayMail: from n/a through <= 4.3.2.
CVE-2026-27343	2 Vankarwai, Wordpress	2 Airtifact, Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in VanKarWai Airtifact airtifact allows PHP Local File Inclusion.This issue affects Airtifact: from n/a through <= 1.2.91.
CVE-2026-27368	2 Seedprod, Wordpress	2 Coming Soon Page, Under Construction & Maintenance Mode, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through <= 6.19.8.
CVE-2026-27387	2 Designinvento, Wordpress	2 Directorypress, Wordpress	2026-04-16	5.4 Medium
Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.26.
CVE-2026-27440	2 Saadiqbal, Wordpress	2 Mycred, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through <= 2.9.7.6.
CVE-2026-22341	2 Case-themes, Wordpress	2 Booked, Wordpress	2026-04-16	5.4 Medium
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0.
CVE-2026-22344	2 Mikado-themes, Wordpress	2 Fivestar, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes FiveStar fivestar allows PHP Local File Inclusion.This issue affects FiveStar: from n/a through <= 1.7.

« first previous Page 74 of 17249. next last »