Export limit exceeded: 10281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10281 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13997 | 2 Kingaddons, Wordpress | 2 King Addons For Elementor – 80+ Elementor Widgets, 4 000+ Elementor Templates, Woocommerce, Mega Menu, Popup Builder, Wordpress | 2026-04-08 | 5.3 Medium |
| The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in all versions up to, and including, 51.1.49 due to the plugin adding the API keys to the HTML source code via render_full_form function. This makes it possible for unauthenticated attackers to extract site's Mailchimp, Facebook and Google API keys and secrets. This vulnerability requires the Premium license to be installed | ||||
| CVE-2024-8483 | 1 Madrasthemes | 1 Mas Static Content | 2026-04-08 | 4.3 Medium |
| The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.8 via the static_content() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract potentially sensitive information from private static content pages. | ||||
| CVE-2024-11299 | 1 Caseproof | 1 Memberpress | 2026-04-08 | 5.3 Medium |
| The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. | ||||
| CVE-2024-11090 | 1 Liquidweb | 1 Restrict Content | 2026-04-08 | 5.3 Medium |
| The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.13 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. | ||||
| CVE-2024-8902 | 1 Webtechstreet | 1 Elementor Addon Elements | 2026-04-08 | 4.3 Medium |
| The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.8 via the render_column function in modules/data-table/widgets/data-table.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. | ||||
| CVE-2025-6722 | 1 Wordpress | 1 Wordpress | 2026-04-08 | 5.3 Medium |
| The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more when directory listing is enabled on the server and the ~/wp-content/plugins/index.php file is missing or ignored. | ||||
| CVE-2025-4798 | 1 Wp-downloadmanager Project | 1 Wp-downloadmanager | 2026-04-08 | 4.9 Medium |
| The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files. | ||||
| CVE-2024-9538 | 2 Hasthemes, Wordpress | 2 Shoplentor, Wordpress | 2026-04-08 | 4.3 Medium |
| The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data. | ||||
| CVE-2025-11983 | 2 Scossar, Wordpress | 2 Wp Discourse, Wordpress | 2026-04-08 | 4.3 Medium |
| The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5.9. This is due to the plugin unconditionally sending Discourse API credentials (Api-Key and Api-Username headers) to any host specified in a post's discourse_permalink custom field during comment synchronization. This makes it possible for authenticated attackers, with author-level access and above, to exfiltrate sensitive Discourse API credentials to attacker-controlled servers, as well as query internal services and potentially perform further attacks. | ||||
| CVE-2025-12512 | 2 Edge22, Wordpress | 2 Generateblocks, Wordpress | 2026-04-08 | 4.3 Medium |
| The GenerateBlocks plugin for WordPress is vulnerable to information exposure due to missing object-level authorization checks in versions up to, and including, 2.1.2. This is due to the plugin registering multiple REST API routes under `generateblocks/v1/meta/` that gate access with `current_user_can('edit_posts')`, which is granted to low-privileged roles such as Contributor. The handlers accept arbitrary entity IDs (user IDs, post IDs, etc.) and meta keys, returning any requested metadata with only a short blacklist of password-like keys for protection. There is no object-level authorization ensuring the caller is requesting only their own data, and there is no allowlist of safe keys. This makes it possible for authenticated attackers, with Contributor-level access and above, to exfiltrate personally identifiable information (PII) and other sensitive profile data of administrator accounts or any other users by directly querying user meta keys via the exposed endpoints via the `get_user_meta_rest` function. In typical WordPress + WooCommerce setups, this includes names, email, phone, and address fields that WooCommerce stores in user meta, enabling targeted phishing, account takeover pretexting, and privacy breaches. | ||||
| CVE-2025-2578 | 2026-04-08 | 5.3 Medium | ||
| The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.19 via the 'wpAmeliaApiCall' function. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | ||||
| CVE-2025-12540 | 2 Sharethis, Wordpress | 2 Dashboard For Google Analytics, Wordpress | 2026-04-08 | 4.7 Medium |
| The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.4. This is due to the Google Analytics client_ID and client_secret being stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to craft a link to the sharethis.com server, which will share an authorization token for Google Analytics with a malicious website, if the attacker can trick an administrator logged into the website and Google Analytics to click the link. | ||||
| CVE-2025-13494 | 1 Wordpress | 1 Wordpress | 2026-04-08 | 5.3 Medium |
| The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0. This is due to the plugin storing PHP error logs in a predictable, web-accessible location (wp-content/uploads/ssp-debug/ssp-debug.log) without any access controls. This makes it possible for unauthenticated attackers to view sensitive debugging information including full URLs, client IP addresses, User-Agent strings, WordPress user IDs, and internal filesystem paths. | ||||
| CVE-2024-10050 | 1 Brainstormforce | 1 Elementor Header \& Footer Builder | 2026-04-08 | 4.3 Medium |
| The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfe_template shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to view the contents of Draft, Private and Password-protected posts they do not own. | ||||
| CVE-2025-2228 | 1 Cyberchimps | 1 Responsive Addons For Elementor | 2026-04-08 | 5.7 Medium |
| The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.8 the 'register_user' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including usernames and passwords of any users who register via the Edit Login | Registration Form widget, as long as that user opens the email notification for successful registration. | ||||
| CVE-2025-9196 | 2 Sergiotrinity, Wordpress | 2 Trinity Audio, Wordpress | 2026-04-08 | 5.3 Medium |
| The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data. | ||||
| CVE-2024-6553 | 2 Aguidrevitch, Wp-meteor | 2 Wp Meteor Website Speed Optimization Addon, Wp Meteor | 2026-04-08 | 5.3 Medium |
| The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.3.This is due to the plugin utilizing wpdesk and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | ||||
| CVE-2024-10285 | 1 Ce21 | 2 Ce21-suite, Ce21 Suite | 2026-04-08 | 9.8 Critical |
| The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to log in the user associated with the JWT token. | ||||
| CVE-2025-12492 | 2 Ultimatemember, Wordpress | 4 Ultimate Member, Ultimatemember, User Profile & Membership and 1 more | 2026-04-08 | 5.3 Medium |
| The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space. | ||||
| CVE-2024-11083 | 2 Profilepress, Properfraction | 2 Loginwp, Profilepress | 2026-04-08 | 5.3 Medium |
| The ProfilePress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.15.18 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. | ||||