Export limit exceeded: 14081 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14081 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-50972 | 2 Woocommerce, Wordpress | 2 Woocommerce, Wordpress | 2026-07-15 | 9.8 Critical |
| WooCommerce 7.1.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary PHP code by injecting shell commands through the product-type parameter. Attackers can send requests to the class-wc-meta-box-product-images.php endpoint with unsanitized product-type values to write malicious PHP files to the web root. | ||||
| CVE-2022-50959 | 2 Wordpress, Wpdevart | 2 Wordpress, Contact Form Builder | 2026-07-15 | 6.1 Medium |
| WordPress Contact Form Builder 1.6.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting the form_id parameter. Attackers can craft malicious URLs to code_generator.php with script payloads in the form_id parameter to execute arbitrary JavaScript in victim browsers. | ||||
| CVE-2022-50956 | 2 Amministrazione Aperta Project, Wordpress | 2 Amministrazione Aperta, Wordpress | 2026-07-15 | 6.2 Medium |
| WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php to include and read sensitive files accessible to the web server. | ||||
| CVE-2021-47979 | 3 Miniorange, Wordpress, Wpbackitup | 3 Backup And Restore, Wordpress, Backup And Restore Wordpress | 2026-07-15 | 8.8 High |
| WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted file_name and folder_name parameters to delete arbitrary files from the WordPress installation directory. | ||||
| CVE-2021-47941 | 2 Modalsurvey, Wordpress | 3 Survey & Poll, Wordpress Survey And Poll, Wordpress | 2026-07-15 | 8.2 High |
| WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap cookie parameter. Attackers can craft SQL payloads in the cookie to extract sensitive database information including usernames, passwords, and other confidential data from the WordPress database. | ||||
| CVE-2021-47932 | 2 Thecartpress, Wordpress | 2 Thecartpress, Wordpress | 2026-07-15 | 9.8 Critical |
| WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler. Attackers can send POST requests to the tcp_register_and_login_ajax action with tcp_role set to administrator to gain full administrative access without authentication. | ||||
| CVE-2020-37255 | 2 Wordpress, Wptimecapsule | 2 Wordpress, Wp Time Capsule | 2026-07-15 | 7.5 High |
| WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWP_JSON_PREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies and access the WordPress dashboard without providing credentials. | ||||
| CVE-2019-25763 | 3 Brainstormforce, Ultimatebeaver, Wordpress | 3 Ultimate Addons For Beaver Builder, Ultimate Addons For Beaver Builder, Wordpress | 2026-07-15 | 9.8 Critical |
| WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the uabb-lf-google-submit action, a valid administrator email address, and a valid nonce to obtain session cookies and authenticate as that user. | ||||
| CVE-2019-25746 | 2 Slicedinvoices, Wordpress | 2 Sliced Invoices, Wordpress | 2026-07-15 | 7.1 High |
| WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicate_quote_invoice and malicious 'post' values to extract sensitive database information or modify data. | ||||
| CVE-2019-25744 | 3 Popup Builder, Sygnoos, Wordpress | 3 Popup Builder, Popup Builder, Wordpress | 2026-07-15 | 5.4 Medium |
| WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the post_title parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads in the post_title field that execute when pages or posts display popup selections. | ||||
| CVE-2018-25324 | 2 Simple Fields Project, Wordpress | 2 Simple Fields, Wordpress | 2026-07-15 | 6.2 Medium |
| Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspath parameter on PHP versions before 5.3.4. Attackers can supply malicious wp_abspath values to simple_fields.php to include files like /etc/passwd or inject PHP code into Apache logs for remote code execution when allow_url_include is enabled. | ||||
| CVE-2016-20084 | 3 Codepeople, Dwbooster, Wordpress | 3 Booking Calendar Contact Form, Booking Calendar Contact, Wordpress | 2026-07-15 | 7.2 High |
| WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScript into the 'ict' and 'ics' options or the calendar 'name' parameter via GET requests to execute arbitrary scripts when the calendar is displayed or accessed in the administration interface. | ||||
| CVE-2016-20075 | 2 Etoilewebdesign, Wordpress | 2 Ultimate Product Catalog, Wordpress | 2026-07-15 | 8.8 High |
| WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP shells through the Products tab custom file field and access them via the upcp-product-file-uploads directory to execute arbitrary code on the server. | ||||
| CVE-2016-20070 | 3 Codepeople, Dwbooster, Wordpress | 3 Booking Calendar Contact Form, Booking Calendar Contact Form, Wordpress | 2026-07-15 | 6.4 Medium |
| WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers. | ||||
| CVE-2016-20069 | 3 Codepeople, Dwbooster, Wordpress | 3 Booking Calendar Contact Form, Booking Calendar Contact Form, Wordpress | 2026-07-15 | 8.2 High |
| WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information. | ||||
| CVE-2016-20068 | 3 Codepeople, Dwbooster, Wordpress | 3 Booking Calendar Contact Form, Booking Calendar Contact Form, Wordpress | 2026-07-15 | 8.2 High |
| WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send requests to the admin-ajax.php endpoint with the action parameter set to 'dex_bccf_calendar_ajaxevent' and supply crafted SQL commands in the 'id' parameter to extract sensitive database information. | ||||
| CVE-2016-20065 | 3 Evwill, Implecode, Wordpress | 3 Product Catalog 8, Product Catalog Simple, Wordpress | 2026-07-15 | 8.2 High |
| Product Catalog 8 1.2 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the selectedCategory parameter. Attackers can submit POST requests to the admin-ajax.php endpoint with the UpdateCategoryList action to extract sensitive database information from WordPress tables. | ||||
| CVE-2012-10026 | 3 Asset-manager, Hp, Wordpress | 3 Asset-manager Wordpress Plugin, Asset Manager, Wordpress | 2026-07-15 | N/A |
| The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a predictable temporary directory. Once uploaded, the attacker can execute the file via a direct HTTP GET request, resulting in remote code execution under the web server’s context. | ||||
| CVE-2026-58480 | 2 Creativethemes, Wordpress | 2 Blocksy Companion, Wordpress | 2026-07-14 | 9.8 Critical |
| Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the save_attachments function exposed through the Advanced Reviews feature. Attackers can exploit the Custom Fonts extension's flawed strpos() substring check by uploading double-extension filenames such as shell.woff2.php, causing the validation to pass on the substring match while the web server executes the file as PHP, achieving remote code execution. | ||||
| CVE-2026-23693 | 3 Roxnor, Wordpress, Wpmet | 3 Elementskit Lite, Wordpress, Elementskit Elementor Addons | 2026-07-14 | 10 Critical |
| ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API credentials and insufficiently validates certain parameters, including the list parameter, when constructing upstream Mailchimp API requests. An unauthenticated attacker can abuse the endpoint as an open proxy to Mailchimp, potentially triggering unauthorized API calls, manipulating subscription data, exhausting API quotas, or causing resource consumption on the affected WordPress site. | ||||