267 matches found

Cvelist, added 2026/02/18 6:42 a.m., 29 views

CVE-2026-2633 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media Upload

The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.6.1. This is due to a missing capability check in the processimagedataajaxcallback function which handles the kadenceimportprocessimagedata AJAX action. T...

CVSS 4.3, EPSS 0.00013
Exploits: 0, References: 4
RedhatCVE, added 2026/02/15 7:10 a.m., 5 views

CVE-2026-2022

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednaosmartformsgetcampaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVSS 4.3, AI score 5.5, EPSS 0.00037
Exploits: 0, References: 1
Cvelist, added 2026/02/14 6:42 a.m., 22 views

CVE-2026-2022 Smart Forms <= 2.6.99 - Missing Authorization to Authenticated (Subscriber+) Campaign Data Exposure

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednaosmartformsgetcampaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVSS 4.3, EPSS 0.00037
Exploits: 0, References: 3
CNNVD, added 2026/02/14 12:00 a.m., 3 views

WordPress plugin Smart Forms security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 4.3, AI score 5.8, EPSS 0.00037
Exploits: 0, References: 3
Positive Technologies, added 2026/02/14 12:00 a.m., 5 views

PT-2026-8072

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimp campaigns manager disconnect app function that is hooked to the AJAX action of the same name. This makes it...

CVSS 5.3, AI score 5.3, EPSS 0.0004
Exploits: 0, References: 4
Vulnrichment, added 2026/02/13 12:00 a.m., 3 views

CVE-2025-70093

An issue in OpenSourcePOS v3.4.1 allows attackers to execute arbitrary code via returning a crafted AJAX response...

AI score 6, EPSS 0.00086
Exploits: 1, References: 3
CNNVD, added 2026/02/10 12:00 a.m., 3 views

WordPress plugin WCFM Marketplace – Multivendor Marketplace for WooCommerce security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

CVSS 5.3, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 5
Positive Technologies, added 2026/02/10 12:00 a.m., 5 views

PT-2026-7240

The WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0. This is due to the plugin not implementing authorization checks in the wcfm-refund-requests-form AJAX controller. This...

CVSS 5.3, AI score 5.7, EPSS 0.00032
Exploits: 0, References: 5
RedhatCVE, added 2026/02/06 1:30 p.m., 7 views

CVE-2025-13416

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pm_deactivate_user_from_group function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...

CVSS 4.3, AI score 5.5, EPSS 0.00015
Exploits: 0, References: 1
EUVD, added 2026/02/05 9:13 a.m., 3 views

EUVD-2025-206869

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.3.5. This is due to missing capability checks on the ehcrmticketgeneral function combined with a shared nonce that is exposed to low-privileg...

CVSS 5.3, AI score 5.4, EPSS 0.00014
Exploits: 0, References: 3
CVE, added 2026/02/05 8:25 a.m., 9 views

CVE-2025-13416

CVE-2025-13416 relates to the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. Affected versions are all up to and including 5.9.7.2. Root cause: missing capability check in the pm_deactivate_user_from_group() function, enabling authenticated users with Subscriber-level a...

CVSS 4.3, AI score 5.5, EPSS 0.00015
Exploits: 0, References: 4
Vulnrichment, added 2026/02/05 8:25 a.m., 4 views

CVE-2025-13416 ProfileGrid – User Profiles, Groups and Communities <= 5.9.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Suspension

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pm_deactivate_user_from_group function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...

CVSS 4.3, AI score 5.5, EPSS 0.00015
Exploits: 0, References: 4
Positive Technologies, added 2026/02/05 12:00 a.m., 3 views

PT-2026-5878

Name of the Vulnerable Software and Affected Versions: ELEX WordPress HelpDesk & Customer Ticketing System versions through 3.3.5
Description: The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is susceptible to a missing authorization issue. This is caused by a lack of...

CVSS 5.3, AI score 5.4, EPSS 0.00014
Exploits: 0, References: 8
Patchstack, added 2026/02/04 12:22 p.m., 4 views

WordPress Sell BTC - Cryptocurrency Selling Calculator plugin <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action vulnerability

WordPress Sell BTC - Cryptocurrency Selling Calculator plugin <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Sell BTC – Cryptocurrency Selling Calculator versions <= 1.5...

CVSS 7.2, AI score 5.3, EPSS 0.00083
Exploits: 0, References: 1, Affected Software: 1
RedhatCVE, added 2026/01/29 9:24 a.m., 6 views

CVE-2026-1054

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

CVSS 5.3, AI score 6, EPSS 0.00128
Exploits: 0, References: 1
Cvelist, added 2026/01/24 7:26 a.m., 32 views

CVE-2026-1088 Login Page Editor <= 1.2 - Cross-Site Request Forgery to Settings Update

The Login Page Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing nonce validation on the devotionloginformprocess AJAX action. This makes it possible for unauthenticated attackers to update the plugin's login...

CVSS 4.3, EPSS 0.00009
Exploits: 0, References: 3
Positive Technologies, added 2026/01/24 12:00 a.m., 2 views

PT-2026-4615

The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk public action AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user...

CVSS 5.3, AI score 5.5, EPSS 0.00976
Exploits: 0, References: 3
Cvelist, added 2026/01/17 2:22 a.m., 19 views

CVE-2025-15403 RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function being accessible via the 'rmuserexists' AJAX action, which allows arbitrary updates to the 'admin_order' setting. This makes it possible f...

CVSS 9.8, EPSS 0.00065
Exploits: 2, References: 4
Vulnrichment, added 2026/01/17 2:22 a.m., 2 views

CVE-2025-14075 WP Hotel Booking <= 2.2.7 - Unauthenticated Sensitive Information Exposure via 'email' Parameter

The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.7. This is due to the plugin exposing the 'hotelbookingfetchcustomerinfo' AJAX action to unauthenticated users without proper capability checks, relying only on a...

CVSS 5.3, AI score 5.5, EPSS 0.00073
Exploits: 0, References: 5
Vulnrichment, added 2026/01/16 8:38 a.m., 3 views

CVE-2025-14757 Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the completepayment AJAX action being registered via wpajaxnopriv,...

CVSS 5.3, AI score 6, EPSS 0.00043
Exploits: 0, References: 4