Known Vulnerabilities for products from WPExperts
Listed below are 20 of the newest known vulnerabilities associated with the vendor "WPExperts".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-48118 json | Not Provided | 2025-06-17 | 2026-04-23 | |
| CVE-2025-31888 json | Not Provided | 2025-04-01 | 2026-04-23 | |
| CVE-2025-28898 json | Not Provided | 2025-03-26 | 2026-04-23 | |
| CVE-2025-26974 json | Not Provided | 2025-02-25 | 2026-04-23 | |
| CVE-2025-24680 json | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPExperts.io WP Multistore Loc... | Not Provided | 2025-01-27 | 2026-04-23 |
| CVE-2025-22800 json | Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control... | Not Provided | 2025-01-13 | 2026-04-23 |
| CVE-2024-52436 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal Post SMTP po... | Not Provided | 2024-11-18 | 2026-04-23 |
| CVE-2024-47338 json | Not Provided | 2024-10-06 | 2026-04-23 | |
| CVE-2024-43214 json | Missing Authorization vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2. | Not Provided | 2024-08-26 | 2026-04-23 |
| CVE-2024-31297 json | Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from... | Not Provided | 2024-04-10 | 2026-04-28 |
| CVE-2024-30469 json | Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from... | Not Provided | 2024-03-29 | 2026-04-28 |
| CVE-2024-29128 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP all... | Not Provided | 2024-03-19 | 2026-04-28 |
| CVE-2024-27959 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpexpertsio WC Shop Syn... | Not Provided | 2024-03-17 | 2026-04-28 |
| CVE-2024-5207 json | The POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for Word... | Not Provided | 2024-05-30 | 2026-04-08 |
| CVE-2024-1639 json | The License Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capabi... | Not Provided | 2024-06-21 | 2026-04-08 |
| CVE-2024-0656 json | The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin for WordPress is vulne... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2023-50902 json | Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a... | Not Provided | 2023-12-29 | 2026-04-28 |
| CVE-2023-49842 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpexpertsio Rocket Main... | Not Provided | 2023-12-14 | 2026-04-28 |
| CVE-2023-48742 json | 7.2 - HIGH | 2023-11-30 | 2023-12-05 | |
| CVE-2023-47853 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred myCred – Point... | Not Provided | 2023-11-30 | 2025-10-17 |