GCVE - cpe:2.3:a:stellarwp:wpcomplete:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:stellarwp:wpcomplete:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Stellarwp (`85cedc32-4162-5fac-82cb-4647b1b8e38d`)
Product	Wpcomplete (`f650950e-de5b-5acd-9e6f-6156f5df7044`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-58974`	vulnerable	2026-06-03 15:06:23.290784	WordPress WPComplete Plugin <= 2.9.5.2 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through <= 2.9.5.2. Published: 2025-09-22T18:26:08.404Z Updated: 2026-04-28T16:13:50.809Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wpcomplete/vulnerability/wordpress-wpcomplete-plugin-2-9-5-2-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-50046`	vulnerable	2026-06-03 15:01:49.245624	WordPress WPComplete plugin <= 2.9.5 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through <= 2.9.5. Published: 2025-06-20T15:03:49.121Z Updated: 2026-04-28T16:13:16.924Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wpcomplete/vulnerability/wordpress-wpcomplete-plugin-2-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49906`	vulnerable	2026-06-03 15:01:46.300313	WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through <= 2.9.5.3. Published: 2025-10-22T14:32:10.402Z Updated: 2026-04-28T16:13:07.508Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wpcomplete/vulnerability/wordpress-wpcomplete-plugin-2-9-5-3-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.