Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how wordpress compares to other vendors in security performance

View Risk Score →

Software

wordpress
115
wordpress wordpress
19
wordpress profilegrid
6
wordpress wplms plugin
6
wordpress download manager
5
wordpress essential blocks
4
wordpress armember plugin
3
wordpress betheme
3
wordpress calculated fields form
3
wordpress contest gallery
3
wordpress easy digital downloads
3
wordpress edwiser bridge
3
wordpress eventin
3
wordpress redirection for contact form 7
3
wordpress wpforo forum
3
wordpress academy lms plugin
2
wordpress advanced sermons
2
wordpress analytify plugin
2
wordpress arforms form builder
2
wordpress arforms plugin
2
wordpress avada
2
wordpress avada builder
2
wordpress ba book everything
2
wordpress besa
2
wordpress bmi adult & kid calculator
2
wordpress booster for woocommerce
2
wordpress build app online plugin
2
wordpress clickwhale
2
wordpress community events
2
wordpress consulting
2
wordpress directorypress
2
wordpress download monitor
2
wordpress easy social share buttons
2
wordpress edumall theme
2
wordpress essential addons for elementor
2
wordpress eventer - wordpress event & booking manager plugin
2
wordpress eventin plugin
2
wordpress evergreen content poster
2
wordpress export and import users and customers
2
wordpress file manager
2
wordpress file upload
2
wordpress filebird
2
wordpress forminator
2
wordpress ht mega plugin
2
wordpress jannah
2
wordpress jobmonster
2
wordpress landing page builder
2
wordpress listingpro
2
wordpress newsletters
2
wordpress olive one click demo import
2

WordPress Drag and Drop Multiple File Upload for Contact Form 7Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass

Risk 54
Severity
8.1
EPSS
0.16%
First published (updated )
CVE-2026-5718

WordPress WebmentionWebmention <= 5.6.2 - Unauthenticated Blind Server-Side Request Forgery

Risk 44
Severity
7.2
First published (updated )
CVE-2026-0686

WordPress Import and export users and customersImport and export users and customers <= 1.29.7 - Privilege Escalation to Administrator via save_extra_user_profile_fields

Risk 54
Severity
8.1
EPSS
0.06%
First published (updated )
CVE-2026-3629

npm/fox-lmsWordPress Fox LMS plugin <= 1.0.6.3 - SQL Injection vulnerability

Risk 40
Severity
8.5
EPSS
0.03%
First published (updated )
CVE-2026-31922

WordPress Membership Plugin – Restrict ContentMembership Plugin – Restrict Content <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level'

Risk 75
Severity
8.1
First published (updated )
CVE-2026-1321
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

axiomthemes Little BirdiesWordPress Little Birdies theme <= 1.3.16 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28129

AncoraThemes NotariusWordPress Notarius theme <= 1.9 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28124

axiomthemes smart SEOWordPress smart SEO theme <= 2.9 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28117

ThemeREX ArtriumWordPress Artrium theme <= 1.0.14 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28097

ThemeREX GamezoneWordPress Gamezone theme <= 1.1.11 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28090
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

ThemeREX MahoganyWordPress Mahogany theme <= 2.9 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28085

axiomthemes ConquerorsWordPress Conquerors theme <= 1.2.13 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28079

Frenify GuffWordPress Guff theme <= 1.0.1 - Broken Access Control vulnerability

Risk 31
Severity
7.5
EPSS
0.03%
First published (updated )
CVE-2026-28076

WordPress VapesterWordPress Vapester theme <= 1.1.10 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28077

ThemeREX LegrandWordPress Legrand theme <= 2.17 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28066
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

ThemeREX EjectWordPress Eject theme <= 2.17 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28065

ThemeREX Edge DecorWordPress Edge Decor theme <= 2.2 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28064

ThemeREX S.KingWordPress S.King theme <= 1.5.3 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28060

ThemeREX Happy BabyWordPress Happy Baby theme <= 1.2.12 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28062

ThemeREX MandalaWordPress Mandala theme <= 2.8 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28057
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

ThemeREX Police DepartmentWordPress Police Department theme <= 2.17 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28049

ThemeREX PrintyWordPress Printy theme <= 1.8 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28035

ThemeREX TuningWordPress Tuning theme <= 1.3 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28032

ThemeREX BonbonWordPress Bonbon theme <= 1.6 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28030

ThemeREX InvetexWordPress Invetex theme <= 2.18 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28031
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

ThemeREX EmojiNationWordPress EmojiNation theme <= 1.0.12 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28029

ThemeREX KayonWordPress Kayon theme <= 1.3 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28027

axiomthemes HelionWordPress Helion theme <= 1.1.12 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28024

ThemeREX NutsWordPress Nuts theme <= 1.10 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28023

ThemeREX CraftisWordPress Craftis theme <= 1.2.8 - Local File Inclusion vulnerability

Risk 54
Severity
8.1
EPSS
0.11%
First published (updated )
CVE-2026-28021
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203