wordpress foundation
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting wordpress foundation.
- CVE-2026-3906WordPress 6.9 - 6.9.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Note Creation via REST API4.3
- CVE-2025-9501W3 Total Cache < 2.8.13 - Unauthenticated Command Injection9.0
- CVE-2025-11833Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure9.8
- CVE-2025-10294OwnID Passwordless Login <= 1.3.4 - Authentication Bypass9.8
- CVE-2025-58674WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability5.9
- CVE-2025-58246WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability4.3
- CVE-2025-9807The Events Calendar <= 6.15.1 - Unauthenticated SQL Injection7.5
- CVE-2025-24000WordPress Post SMTP plugin <= 3.2.0 - Account Takeover Vulnerability8.8
- CVE-2025-5947Service Finder Bookings <= 6.0 - Authentication Bypass via User Switch Cookie9.8
- CVE-2025-7697Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 - Unauthenticated PHP Object Injection via verify_field_val Function9.8
- CVE-2025-6043Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion8.1
- CVE-2025-6463Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Form Submission Deletion8.8
- CVE-2025-5746Drag and Drop Multiple File Upload (Pro) - WooCommerce <= 1.7.1 and 5.0 - 5.0.5 - Unauthenticated Arbitrary File Upload9.8
- CVE-2025-5314Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.65 - DOM-Based Reflected Cross-Site Scripting via 'pdf-source'6.1
- CVE-2025-53339WordPress Devnex Addons For Elementor plugin <= 1.0.9 - Local File Inclusion Vulnerability7.5