Every CVE whose affected-product data names Mtrv Teachpress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2025-32149 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in winkm89 teachPress teachpress allows…
CVE-2023-36501 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler teachPress plugin <= 9.0.2 versions.
CVE-2023-22704 — CVSS 7.1 (high): Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler teachPress plugin <= 8.1.8 versions.
CVE-2025-1321 — CVSS 6.5 (medium): The teachPress plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tpsearch' shortcode in all versions up…
CVE-2023-52129 — CVSS 6.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler teachPress.This issue affects teachPress: from n/a through 9.0.4.
CVE-2023-49163 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler teachPress.This issue affects teachPress: from n/a through 9.0.5.
CVE-2025-1320 — CVSS 4.3 (medium): The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to…