Skip to main content

WordPress

17382 CVEs vendor

Monthly

CVE-2025-13358 MEDIUM This Month

A security vulnerability in Accessiy By CodeConfig Accessibility (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-13309 MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13308 MEDIUM This Month

The Application Passwords plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'reject_url' parameter in all versions up to, and including, 0.1.3. This is due to insufficient input sanitization and output escaping on user supplied URLs, which allows javascript: URI schemes to be embedded in the reject_url parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute when a user clicks the "No, I do not approve of this connection" button, granted they can successfully trick the victim into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-13137 MEDIUM This Month

The Live Sales Notification for Woocommerce - Woomotiv plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'woomotiv_limit' parameter in all versions up to, and including, 3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-12721 MEDIUM This Month

The g-FFL Cockpit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the /server_status REST API endpoint due to a lack of capability checks. This makes it possible for unauthenticated attackers to extract information about the server.

Authentication Bypass WordPress Information Disclosure
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12720 MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12717 MEDIUM This Month

The List Attachments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'before_list' parameter in the [list-attachments] shortcode in all versions up to, and including, 0.4.1a due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-12715 MEDIUM This Month

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'percentage' field in the Nutrition Label custom post type in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-12673 CRITICAL Act Now

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_qr_code() function in all versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-12577 MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12574 MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12091 MEDIUM This Month

A remote code execution vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13922 MEDIUM This Month

The Tag, Category, and Taxonomy Manager - AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existing_terms_orderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on user-supplied parameters and lack of SQL query parameterization. This makes it possible for authenticated attackers, with Contributor-level access and above who have AI metabox permissions, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database, cause performance degradation, or enable data inference through time-based techniques.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-12505 MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to unauthorized access in all (CVSS 5.4). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-12510 HIGH This Week

The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13.2.4 due to insufficient input sanitization and output escaping on Google Reviews data imported by the plugin. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that will execute in the admin panel (and potentially on the frontend) whenever a user accesses imported reviews, granted they can add a malicious review to a Google Place that is connected to the vulnerable site.

WordPress Google XSS PHP
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2025-11263 MEDIUM This Month

The Link Whisper Free plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the type parameter in all versions up to, and including, 0.8.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-13620 MEDIUM This Month

A security vulnerability in Wp Social Login and Register Social Counter (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13739 MEDIUM This Month

The CryptX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `cryptx` shortcode in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13682 MEDIUM This Month

The Trail Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

WordPress XSS PHP
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-13678 MEDIUM This Month

The Thai Lottery Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `thailottery` shortcode in all versions up to, and including, 2.5. This is due to insufficient input sanitization and output escaping on the user supplied `width` and `height` shortcode attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13614 HIGH This Week

The Cool Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cool_tag_cloud' shortcode in all versions up to, and including, 2.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-12879 HIGH This Week

The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.2.2. This is due to missing nonce validation in the "Import Using CSV File" function. This makes it possible for unauthenticated attackers to elevate user privileges by creating arbitrary accounts with administrator privileges via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-12876 MEDIUM This Month

A security vulnerability in Projectopia - WordPress Project Management (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12851 HIGH This Week

The My auctions allegro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.32 via the 'controller' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

PHP WordPress RCE Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2025-13684 MEDIUM This Month

The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the ark_rp_options_page function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12130 MEDIUM This Month

The WC Vendors - WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.4. This is due to missing or incorrect nonce validation on the /vendor_dashboard/product/delete/ endpoint. This makes it possible for unauthenticated attackers to delete vendor products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13515 MEDIUM This Month

The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 1.0.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-12850 HIGH This Week

The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’ parameter in all versions up to, and including, 3.6.32 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi PHP
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-12374 CRITICAL Act Now

The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login - User Verification plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.39. This is due to the plugin not properly validating that an OTP was generated before comparing it to user input in the "user_verification_form_wrap_process_otpLogin" function. This makes it possible for unauthenticated attackers to log in as any user with a verified email address, such as an administrator, by submitting an empty OTP value.

Authentication Bypass WordPress
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-12373 MEDIUM This Month

The Torod - The smart shipping and delivery portal for e-shops and retailers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9. This is due to missing or incorrect nonce validation on the save_settings function. This makes it possible for unauthenticated attackers to modify plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12355 MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12354 MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12186 MEDIUM This Month

The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

WordPress XSS PHP
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-12093 MEDIUM This Month

A security vulnerability in Voidek Employee Portal (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13860 MEDIUM This Month

The Easy Jump Links Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `h_tags` parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13625 MEDIUM This Month

The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-13623 MEDIUM This Month

The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admin.php PATH_INFO in all versions up to, and including, 0.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PHP WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-13622 MEDIUM This Month

The Jabbernotification plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admin.php PATH_INFO in all versions up to, and including, 0.99-RC2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PHP WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-13621 MEDIUM This Month

The dream gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'dreampluginsmain' AJAX action. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-13528 MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13512 MEDIUM This Month

The CoSign Single Signon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-13360 MEDIUM This Month

The Quantic Social Image Hover plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13144 MEDIUM This Month

The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the add_cstu_settings function. This makes it possible for unauthenticated attackers to modify plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12370 MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12368 MEDIUM This Month

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `sermon-views` shortcode in all versions up to, and including, 2.30.0. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-12191 MEDIUM This Month

The PDF Catalog for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pdfcatalog' AJAX action in all versions up to, and including, 1.1.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-12190 MEDIUM This Month

The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopby_ajax_optimize_gallery() function. This makes it possible for unauthenticated attackers to trigger bulk optimization via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12189 MEDIUM POC This Month

The Bread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.10.1321.

CSRF WordPress RCE
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12181 HIGH This Week

The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-12165 MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12163 MEDIUM This Month

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

File Upload WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-12154 HIGH This Week

The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb() function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE PHP
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-12153 HIGH This Week

The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE PHP
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-12133 MEDIUM This Month

A security vulnerability in EPROLO Dropshipping (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12128 MEDIUM This Month

The Hide Categories Or Products On Shop Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7. This is due to missing or incorrect nonce validation on the save_data_hcps() function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12124 MEDIUM This Month

The FitVids for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

WordPress XSS PHP
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-10055 MEDIUM This Month

The Time Sheets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on several endpoints. This makes it possible for unauthenticated attackers to perform a variety of actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13494 MEDIUM This Month

The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0. This is due to the plugin storing PHP error logs in a predictable, web-accessible location (wp-content/uploads/ssp-debug/ssp-debug.log) without any access controls. This makes it possible for unauthenticated attackers to view sensitive debugging information including full URLs, client IP addresses, User-Agent strings, WordPress user IDs, and internal filesystem paths.

PHP WordPress Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-13362 MEDIUM This Month

The Norby AI plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13313 CRITICAL Act Now

The CRM Memberships plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 2.5. This is due to missing authorization and authentication checks on the `ntzcrm_changepassword` AJAX action. This makes it possible for unauthenticated attackers to reset arbitrary user passwords and gain unauthorized access to user accounts via the `ntzcrm_changepassword` endpoint, granted they can obtain or enumerate a target user's email address. The plugin also exposes the `ntzcrm_get_users` endpoint without authentication, allowing attackers to enumerate subscriber email addresses, facilitating the exploitation of the password reset vulnerability.

Privilege Escalation Authentication Bypass WordPress
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-13312 MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13006 MEDIUM This Month

The SurveyFunnel - Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via several unprotected /wp-json/surveyfunnel/v2/ REST API endpoints. This makes it possible for unauthenticated attackers to extract sensitive data from survey responses.

WordPress Information Disclosure PHP
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12417 MEDIUM This Month

The SurveyFunnel - Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'surveyfunnel_lite_survey' shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13066 HIGH This Week

The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.0.6. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitization while being accepted as a valid WXR file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE PHP
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-12804 MEDIUM This Month

The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'bookingcalendar' shortcode in all versions up to, and including, 10.14.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-11759 MEDIUM This Month

The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the Xcloner_Remote_Storage:save() function. This makes it possible for unauthenticated attackers to add or modify an FTP backup configuration via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Successful exploitation allows an attacker to set an attacker-controlled FTP site for backup storage and exfiltrate potentially sensitive site data.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13543 HIGH This Week

The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE PHP
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-12826 MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 4.8). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD GitHub
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-12782 MEDIUM PATCH This Month

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable() function. This makes it possible for authenticated attackers, with contributor level access and above, to disable the Beaver Builder layout on arbitrary posts and pages, causing content integrity issues and layout disruption on those pages.

Authentication Bypass WordPress Beaver Builder PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13513 MEDIUM This Month

The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-11727 HIGH This Week

The Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration - Powered by Codisto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sync() function in all versions up to, and including, 1.3.65 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress Google XSS PHP
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2025-11379 MEDIUM This Month

The WebP Express plugin for WordPress is vulnerable to information exposure via config files in all versions up to, and including, 0.25.9. This is due to the plugin not properly randomizing the name of the config file to prevent direct access on NGINX. This makes it possible for unauthenticated attackers to extract configuration data.

Nginx WordPress Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13756 MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13401 MEDIUM This Month

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "create_img_preload_tag" function. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13390 CRITICAL POC PATCH Act Now

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.

Authentication Bypass WordPress Wp Directory Kit PHP
NVD GitHub
CVSS 3.1
10.0
EPSS
0.7%
CVE-2025-13359 MEDIUM PATCH This Month

The Tag, Category, and Taxonomy Manager - AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based SQL Injection via the "getTermsForAjax" function in all versions up to, and including, 3.40.1. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database granted they have metabox access for the taxonomy (enabled by default for contributors).

WordPress SQLi Taxopress PHP
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13354 MEDIUM PATCH This Month

The Tag, Category, and Taxonomy Manager - AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the "taxopress_merge_terms_batch" function. This makes it possible for authenticated attackers, with subscriber level access and above, to merge or delete arbitrary taxonomy terms.

Authentication Bypass WordPress Taxopress PHP
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13342 CRITICAL Act Now

A security vulnerability in Frontend Admin by DynamiApps (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-13109 MEDIUM This Month

A remote code execution vulnerability in for WordPress is vulnerable to Insecure Direct Object Reference in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12887 MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 5.4). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-12358 MEDIUM This Month

The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation on the "post_add_to_list" function as well as an incorrect permissions callback in the "Api/init" function. This makes it possible for unauthenticated attackers to add or remove products from a user's wishlist via a forged request granted they can trick a site's user into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13486 CRITICAL POC THREAT Emergency

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes it possible for unauthenticated attackers to execute arbitrary code on the server, which can be leveraged to inject backdoors or create new administrative user accounts.

WordPress Code Injection RCE PHP
NVD
CVSS 3.1
9.8
EPSS
75.3%
Threat
5.7
CVE-2025-12954 LOW PATCH Monitor

A security vulnerability in Timetable and Event Schedule by MotoPress WordPress (CVSS 2.7). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD WPScan
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-13495 MEDIUM This Month

The FluentCart plugin for WordPress is vulnerable to SQL Injection via the 'groupKey' parameter in all versions up to, and including, 1.3.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi PHP
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-12585 MEDIUM This Month

The MxChat - AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values that can subsequently be used to access conversation data.

WordPress Information Disclosure
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-10304 MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13646 HIGH PATCH This Week

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files with race condition on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE Modula Image Gallery PHP
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-13645 HIGH PATCH This Week

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Path Traversal WordPress PHP RCE Modula Image Gallery
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
CVE-2025-13448 MEDIUM This Month

The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' shortcode attribute in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13542 CRITICAL Act Now

The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.4. This is due to the 'dtlms_register_user_front_end' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.

Privilege Escalation WordPress PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in Accessiy By CodeConfig Accessibility (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

The Application Passwords plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'reject_url' parameter in all versions up to, and including, 0.1.3. This is due to insufficient input sanitization and output escaping on user supplied URLs, which allows javascript: URI schemes to be embedded in the reject_url parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute when a user clicks the "No, I do not approve of this connection" button, granted they can successfully trick the victim into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The Live Sales Notification for Woocommerce - Woomotiv plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'woomotiv_limit' parameter in all versions up to, and including, 3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The g-FFL Cockpit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the /server_status REST API endpoint due to a lack of capability checks. This makes it possible for unauthenticated attackers to extract information about the server.

Authentication Bypass WordPress Information Disclosure
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

The List Attachments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'before_list' parameter in the [list-attachments] shortcode in all versions up to, and including, 0.4.1a due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'percentage' field in the Nutrition Label custom post type in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_qr_code() function in all versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A remote code execution vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The Tag, Category, and Taxonomy Manager - AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existing_terms_orderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on user-supplied parameters and lack of SQL query parameterization. This makes it possible for authenticated attackers, with Contributor-level access and above who have AI metabox permissions, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database, cause performance degradation, or enable data inference through time-based techniques.

WordPress SQLi
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to unauthorized access in all (CVSS 5.4). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD GitHub
EPSS 0% CVSS 7.2
HIGH This Week

The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13.2.4 due to insufficient input sanitization and output escaping on Google Reviews data imported by the plugin. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that will execute in the admin panel (and potentially on the frontend) whenever a user accesses imported reviews, granted they can add a malicious review to a Google Place that is connected to the vulnerable site.

WordPress Google XSS +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The Link Whisper Free plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the type parameter in all versions up to, and including, 0.8.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in Wp Social Login and Register Social Counter (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The CryptX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `cryptx` shortcode in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

The Trail Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

WordPress XSS PHP
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Thai Lottery Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `thailottery` shortcode in all versions up to, and including, 2.5. This is due to insufficient input sanitization and output escaping on the user supplied `width` and `height` shortcode attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 8.1
HIGH This Week

The Cool Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cool_tag_cloud' shortcode in all versions up to, and including, 2.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.2.2. This is due to missing nonce validation in the "Import Using CSV File" function. This makes it possible for unauthenticated attackers to elevate user privileges by creating arbitrary accounts with administrator privileges via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in Projectopia - WordPress Project Management (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 8.1
HIGH This Week

The My auctions allegro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.32 via the 'controller' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

PHP WordPress RCE +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the ark_rp_options_page function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The WC Vendors - WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.4. This is due to missing or incorrect nonce validation on the /vendor_dashboard/product/delete/ endpoint. This makes it possible for unauthenticated attackers to delete vendor products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 1.0.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’ parameter in all versions up to, and including, 3.6.32 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login - User Verification plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.39. This is due to the plugin not properly validating that an OTP was generated before comparing it to user input in the "user_verification_form_wrap_process_otpLogin" function. This makes it possible for unauthenticated attackers to log in as any user with a verified email address, such as an administrator, by submitting an empty OTP value.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Torod - The smart shipping and delivery portal for e-shops and retailers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9. This is due to missing or incorrect nonce validation on the save_settings function. This makes it possible for unauthenticated attackers to modify plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

WordPress XSS PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in Voidek Employee Portal (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Easy Jump Links Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `h_tags` parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admin.php PATH_INFO in all versions up to, and including, 0.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PHP WordPress XSS
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The Jabbernotification plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admin.php PATH_INFO in all versions up to, and including, 0.99-RC2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PHP WordPress XSS
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The dream gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'dreampluginsmain' AJAX action. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The CoSign Single Signon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Quantic Social Image Hover plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the add_cstu_settings function. This makes it possible for unauthenticated attackers to modify plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `sermon-views` shortcode in all versions up to, and including, 2.30.0. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

The PDF Catalog for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pdfcatalog' AJAX action in all versions up to, and including, 1.1.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Image Optimizer by wps.sk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the imagopby_ajax_optimize_gallery() function. This makes it possible for unauthenticated attackers to trigger bulk optimization via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

The Bread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.10.1321.

CSRF WordPress RCE
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

File Upload WordPress XSS
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb() function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in EPROLO Dropshipping (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Hide Categories Or Products On Shop Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7. This is due to missing or incorrect nonce validation on the save_data_hcps() function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

The FitVids for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

WordPress XSS PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Time Sheets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on several endpoints. This makes it possible for unauthenticated attackers to perform a variety of actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0. This is due to the plugin storing PHP error logs in a predictable, web-accessible location (wp-content/uploads/ssp-debug/ssp-debug.log) without any access controls. This makes it possible for unauthenticated attackers to view sensitive debugging information including full URLs, client IP addresses, User-Agent strings, WordPress user IDs, and internal filesystem paths.

PHP WordPress Information Disclosure
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Norby AI plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The CRM Memberships plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 2.5. This is due to missing authorization and authentication checks on the `ntzcrm_changepassword` AJAX action. This makes it possible for unauthenticated attackers to reset arbitrary user passwords and gain unauthorized access to user accounts via the `ntzcrm_changepassword` endpoint, granted they can obtain or enumerate a target user's email address. The plugin also exposes the `ntzcrm_get_users` endpoint without authentication, allowing attackers to enumerate subscriber email addresses, facilitating the exploitation of the password reset vulnerability.

Privilege Escalation Authentication Bypass WordPress
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The SurveyFunnel - Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via several unprotected /wp-json/surveyfunnel/v2/ REST API endpoints. This makes it possible for unauthenticated attackers to extract sensitive data from survey responses.

WordPress Information Disclosure PHP
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

The SurveyFunnel - Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'surveyfunnel_lite_survey' shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.0.6. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitization while being accepted as a valid WXR file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'bookingcalendar' shortcode in all versions up to, and including, 10.14.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the Xcloner_Remote_Storage:save() function. This makes it possible for unauthenticated attackers to add or modify an FTP backup configuration via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Successful exploitation allows an attacker to set an attacker-controlled FTP site for backup storage and exfiltrate potentially sensitive site data.

CSRF WordPress PHP
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 4.8). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable() function. This makes it possible for authenticated attackers, with contributor level access and above, to disable the Beaver Builder layout on arbitrary posts and pages, causing content integrity issues and layout disruption on those pages.

Authentication Bypass WordPress Beaver Builder +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

WordPress XSS PHP
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration - Powered by Codisto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sync() function in all versions up to, and including, 1.3.65 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress Google XSS +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The WebP Express plugin for WordPress is vulnerable to information exposure via config files in all versions up to, and including, 0.25.9. This is due to the plugin not properly randomizing the name of the config file to prevent direct access on NGINX. This makes it possible for unauthenticated attackers to extract configuration data.

Nginx WordPress Information Disclosure
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A security vulnerability in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "create_img_preload_tag" function. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 1% CVSS 10.0
CRITICAL POC PATCH Act Now

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.

Authentication Bypass WordPress Wp Directory Kit +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The Tag, Category, and Taxonomy Manager - AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based SQL Injection via the "getTermsForAjax" function in all versions up to, and including, 3.40.1. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database granted they have metabox access for the taxonomy (enabled by default for contributors).

WordPress SQLi Taxopress +1
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Tag, Category, and Taxonomy Manager - AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the "taxopress_merge_terms_batch" function. This makes it possible for authenticated attackers, with subscriber level access and above, to merge or delete arbitrary taxonomy terms.

Authentication Bypass WordPress Taxopress +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

A security vulnerability in Frontend Admin by DynamiApps (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A remote code execution vulnerability in for WordPress is vulnerable to Insecure Direct Object Reference in all (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A security vulnerability in for WordPress is vulnerable to authorization bypass in all (CVSS 5.4). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation on the "post_add_to_list" function as well as an incorrect permissions callback in the "Api/init" function. This makes it possible for unauthenticated attackers to add or remove products from a user's wishlist via a forged request granted they can trick a site's user into performing an action such as clicking on a link.

CSRF WordPress PHP
NVD
EPSS 75% 5.7 CVSS 9.8
CRITICAL POC THREAT Emergency

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes it possible for unauthenticated attackers to execute arbitrary code on the server, which can be leveraged to inject backdoors or create new administrative user accounts.

WordPress Code Injection RCE +1
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

A security vulnerability in Timetable and Event Schedule by MotoPress WordPress (CVSS 2.7). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD WPScan
EPSS 0% CVSS 4.9
MEDIUM This Month

The FluentCart plugin for WordPress is vulnerable to SQL Injection via the 'groupKey' parameter in all versions up to, and including, 1.3.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi PHP
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The MxChat - AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values that can subsequently be used to access conversation data.

WordPress Information Disclosure
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass WordPress PHP
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files with race condition on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE +2
NVD GitHub
EPSS 1% CVSS 7.2
HIGH PATCH This Week

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Path Traversal WordPress PHP +2
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' shortcode attribute in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.4. This is due to the 'dtlms_register_user_front_end' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.

Privilege Escalation WordPress PHP
NVD
Prev Page 35 of 194 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy