Filter
AND

Versions

1.2
8
1.5
8
4.7
8
1.0
7
1.5.1
7
4.5.2
7
0.7
6
1.5.1.2
6
1.5.1.3
6
2.0
6
2.0.2
6
2.0.6
6
4.7.4
6
0.71
5
1.0.1
5
1.2.1
5
1.2.2
5
1.5.2
5
2.0.1
5
2.0.3
5
2.0.4
5
2.0.5
5
2.1.1
5
2.1.3
5
5.0
5
1.0.2
4
2.0.7
4
2.1
4
2.1.2
4
2.2
4
2.2.1
4
2.2.2
4
3.7
4
4.8
4
0.6.2
3
0.6.2.1
3
0.711
3
2.0.10
3
2.0.11
3
2.0.9
3
2.3.2
3
2.5
3
3.1
3
3.1.1
3
3.1.2
3
3.6
3
3.8
3
3.9
3
4.0
3
4.1
3
4.2
3
4.3
3
4.4
3
4.4.1
3
4.5
3
4.6
3
4.7.1
3
4.7.2
3
4.9
3
0.72
2
2.0.10_rc1
2
2.0.10_rc2
2
2.0.8
2
2.1.3_rc1
2
2.1.3_rc2
2
2.2.3
2
2.2_revision5002
2
2.2_revision5003
2
2.3
2
2.3.1
2
2.5.1
2
2.6
2
2.8.3
2
3.0
2
3.0.1
2
3.0.2
2
3.0.3
2
3.0.4
2
3.0.5
2
3.0.6
2
3.1.3
2
3.1.4
2
3.2.1
2
3.3
2
3.3.1
2
3.9.1
2
4.2.3
2
4.4.2
2
4.4.4
2
4.5.3
2
4.7.3
2
4.7.5
2
4.8.1
2
5.1
2
5.2
2
5.3
2
5.4
2
0.2
1
0.6
1
0.6.2-beta_2
1
0.6.2.1-beta_2
1
0.70
1
0.72-beta1
1
0.72-beta2
1
0.72-rc1
1
0.9
1
1.0.0
1
1.1
1
1.2-beta
1
1.3
1
1.3.1
1
1.4
1
1.5-strayhorn
1
1.5.1.1
1
1.6
1
2.0.0
1
2.1-alpha_3
1
2.2.0
1
2.3-beta3
1
2.3-rc1
1
2.3.1-rc1
1
2.3.3
1
2.6.1
1
2.6.2
1
2.6.3
1
2.6.5
1
2.7
1
2.7.1
1
2.8
1
2.8.1
1
2.8.2
1
2.8.4
1
2.8.5
1
2.8.6
1
2.9
1
2.9.1
1
2.9.2
1
3.2
1
3.2-beta1
1
3.3.2
1
3.3.3
1
3.4
1
3.4.1
1
3.4.2
1
3.5
1
3.5.1
1
3.5.2
1
3.6.1
1
3.7.1
1
3.7.10
1
3.7.11
1
3.7.12
1
3.7.13
1
3.7.14
1
3.7.15
1
3.7.16
1
3.7.17
1
3.7.18
1
3.7.19
1
3.7.2
1
3.7.20
1
3.7.21
1
3.7.22
1
3.7.3
1
3.7.4
1
3.7.5
1
3.7.6
1
3.7.7
1
3.7.8
1
3.7.9
1
3.8.1
1
3.8.10
1
3.8.11
1
3.8.12
1
3.8.13
1
3.8.14
1
3.8.15
1
3.8.16
1
3.8.17
1
3.8.18
1
3.8.19
1
3.8.2
1
3.8.20
1
3.8.21
1
3.8.22
1
3.8.3
1
3.8.4
1
3.8.5
1
3.8.6
1
3.8.7
1
3.8.8
1
3.8.9
1
3.9.0
1
3.9.10
1
3.9.11
1
3.9.12
1
3.9.13
1
3.9.14
1
3.9.15
1
3.9.16
1
3.9.17
1
3.9.18
1
3.9.19
1
3.9.2
1
3.9.20
1
3.9.3
1
3.9.4
1
3.9.5
1
3.9.6
1
3.9.7
1
3.9.8
1
3.9.9
1
36.0
1
4.0.1
1
4.0.10
1
4.0.11
1
4.0.12
1
4.0.13
1
4.0.14
1
4.0.15
1
4.0.16
1
4.0.17
1
4.0.18
1
4.0.19
1
4.0.2
1
4.0.3
1
4.0.4
1
4.0.5
1
4.0.6
1
4.0.7
1
4.0.8
1
4.0.9
1
4.1.1
1
4.1.10
1
4.1.11
1
4.1.12
1
4.1.13
1
4.1.14
1
4.1.15
1
4.1.16
1
4.1.17
1
4.1.18
1
4.1.19
1
4.1.2
1
4.1.3
1
4.1.4
1
4.1.5
1
4.1.6
1
4.1.7
1
4.1.8
1
4.1.9
1
4.2.1
1
4.2.10
1
4.2.11
1
4.2.12
1
4.2.13
1
4.2.14
1
4.2.15
1
4.2.16
1
4.2.2
1
4.2.4
1
4.2.5
1
4.2.6
1
4.2.7
1
4.2.8
1
4.2.9
1
4.3.1
1
4.3.10
1
4.3.11
1
4.3.12
1
4.3.2
1
4.3.3
1
4.3.4
1
4.3.5
1
4.3.6
1
4.3.7
1
4.3.8
1
4.3.9
1
4.4.10
1
4.4.11
1
4.4.3
1
4.4.5
1
4.4.6
1
4.4.7
1
4.4.8
1
4.4.9
1
4.5.1
1
4.5.10
1
4.5.4
1
4.5.5
1
4.5.6
1
4.5.7
1
4.5.8
1
4.5.9
1
4.6.1
1
4.6.2
1
4.6.3
1
4.6.4
1
4.6.5
1
4.6.6
1

Ariagle WP-ClapWordPress WP-Clap plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
EPSS
0.04%
First published (updated )
CVE-2025-23647

Live2DThe Live2DWebCanvas plugin for WordPress is vulnerable to arbitrary file deletion due to insufficien…

high
8.1
First published (updated )
CVE-2024-13767

WordPressWordPress WP Contest plugin <= 1.0.0 - SQL Injection vulnerability

high
8.5
First published (updated )
CVE-2024-51837

WordPressWordPress CubeWP – All-in-One Dynamic Content Framework plugin <= 1.1.15 - Broken Access Control vulnerability

high
8.8
First published (updated )
CVE-2024-48039

WordPressWordPress DocumentPress plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2024-49656

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

WordPressWordPress uCAT – Next Story plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2024-49663

WordPressWordPress GERRYWORKS Post by Mail plugin <= 1.0 - Privilege Escalation vulnerability

high
8.8
First published (updated )
CVE-2024-49608

WordPressWordPress BerqWP plugin <= 1.7.5 - Unauthenticated Non-Blind Server Side Request Forgery (SSRF) vulnerability

high
7.2
First published (updated )
CVE-2024-37942

WordPressContentLock <= 1.0.3 - Email Adding via CSRF

high
8.8
EPSS
0.06%
First published (updated )
CVE-2024-6023

WordPressContentLock <= 1.0.3 - Settings Update via CSRF

high
8.8
EPSS
0.06%
First published (updated )
CVE-2024-6022

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

WordPressWordPress AWSM Team – Team Showcase Plugin plugin <= 1.3.1 - Local File Inclusion vulnerability

high
8.8
First published (updated )
CVE-2024-37454

WordPressWordPress WP Docs plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2024-35696

WordpressCSRF

high
8.8
First published (updated )
CVE-2024-0203

Debian GNU/LinuxStored XSS in WordPress

high
8
First published (updated )
CVE-2022-21662

DebianAuthenticated Object Injection in Multisites in WordPress

high
7.2
First published (updated )
CVE-2022-21663

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DebianSQL injection in WordPress

high
8.8
First published (updated )
CVE-2022-21664

DebianWordPress Core WP_Query SQL Injection Information Disclosure Vulnerability

high
8
First published (updated )
CVE-2022-21661

WordPressWordPress 5.8 beta: Stored Cross-Site Scripting (XSS) vulnerability in widget

high
7.6
First published (updated )
CVE-2021-39202

debian/wordpressAuthenticated cross-site scripting (XSS) in WordPress editor

high
7.6
First published (updated )
CVE-2021-39201

Debian GNU/LinuxWordPress Authenticated XXE attack when installation is running PHP 8

high
7.1
First published (updated )
CVE-2021-29447

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

FedoraWordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated…

high
7.5
First published (updated )
CVE-2020-28033

WordPressSQL Injection

high
7.5
First published (updated )
CVE-2020-24315

WordPressSpecially crafted filenames in WordPress leading to XSS

high
8.7
First published (updated )
CVE-2020-11026

Debian GNU/LinuxUnauthenticated disclosure of certain private posts in WordPress

high
7.5
First published (updated )
CVE-2020-11028

WordPressPassword reset links invalidation issue in WordPress

high
8.1
First published (updated )
CVE-2020-11027

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Debian GNU/LinuxWordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain …

high
7.5
First published (updated )
CVE-2019-17673

Debian GNU/LinuxCSRF

high
8.8
First published (updated )
CVE-2019-17675

Wp-members Project Wp-membersCSRF

high
8.8
First published (updated )
CVE-2019-15660

debian/wordpressXSS, CSRF

high
8.8
First published (updated )
CVE-2019-9787

WordPressMalicious File Upload

high
8.8
First published (updated )
CVE-2019-8942

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203