CVE-2026-2518
The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and activation due to missing capability checks on the 'ultpinstallcallback' and 'ultpactivatecallback' functions in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers...
PT-2026-20586
Name of the Vulnerable Software and Affected Versions: NewsBlogger versions 0.2.5.6 through 0.2.6.1 Description: The NewsBlogger WordPress theme is susceptible to Cross-Site Request Forgery due to inadequate nonce validation within the newsblogger install and activate plugin function. This allows...
CVE-2025-11164 Mavix Education <= 1.0 - Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin Activation
The Mavix Education theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mavixeducationactivateplugin' AJAX action in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level acces...
CVE-2025-10849
CVE-2025-10849: Felan Framework WordPress plugin contains an unauthorized data modification vulnerability due to a missing capability check in process_plugin_actions (AJAX). Affected versions up to 1.1.4 allow unauthenticated attackers to activate/deactivate plugins. Wordfence lists the patch st...
CVE-2025-8606
The GSheetConnector For Gravity Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 1.3.23. This is due to missing or incorrect nonce validation on the activateplugin and deactivateplugin functions. This makes it possible for attackers to tri...
EUVD-2019-11585
Malware in sbrugna...
CVE-2025-8147 LWSCache <= 2.8.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation via lwscache_activatePlugin Function
The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
CVE-2024-11972
The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary plugins from the WordPress.org repo, including vulnerable plugins...
PT-2024-38024 · WordPress · Orchid Store
Name of the Vulnerable Software and Affected Versions: Orchid Store theme for WordPress versions up to, and including, 1.5.6 Description: The issue is related to a missing capability check on the orchid store activate plugin function, allowing authenticated attackers with Subscriber-level access...
CVE-2019-25151 Funnel Builder <= 1.3.0 - Arbitrary Plugin Activation
The Funnel Builder plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the activateplugin function in versions up to, and including, 1.3.0. This makes it possible for authenticated attackers to activate any plugin on the vulnerable service...
PT-2023-11378 · WordPress · Funnel Builder
Name of the Vulnerable Software and Affected Versions: Funnel Builder plugin for WordPress versions up to, and including, 1.3.0 Description: The issue is related to authorization bypass due to a missing capability check on the activate plugin function. This allows authenticated attackers to...
CVE-2021-24356
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activateplugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites...