142 matches found
CVE-2026-3453
The ProfilePress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.16.11. This is due to missing ownership validation on the changeplansubid parameter in the processcheckout function. The ppressprocesscheckout AJAX handler accepts a...
WordPress JupiterX Core plugin <= 4.14.1 - Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import vulnerability
Authenticated Subscriber+ Missing Authorization To Limited File Upload via Popup Template Import vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin JupiterX Core versions = 4.14.1...
WordPress Punnel plugin <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Settings Update via 'punnel_save_config' AJAX Action vulnerability
Missing Authorization to Authenticated Subscriber+ Settings Update via 'punnelsaveconfig' AJAX Action vulnerability discovered by Poli - CMC Global in WordPress Plugin Punnel – Landing Page Builder versions = 1.3.1...
CVE-2026-4087 Pre* Party Resource Hints <= 1.8.20 - Authenticated (Subscriber+) SQL Injection via 'hint_ids' Parameter
The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
WordPress ProfilePress plugin <= 4.16.11 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Subscription Cancellation/Expiration vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Subscription Cancellation/Expiration vulnerability discovered by kai63001 in WordPress Plugin ProfilePress versions = 4.16.11...
WordPress Winston AI plugin <= 0.0.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Settings Deletion vulnerability discovered by Legion Hunter in WordPress Plugin HUMN-1 AI Website Scanner & Human Certification by Winston AI versions = 0.0.3...
WordPress Smartsupp - live chat, AI shopping assistant and chatbots plugin <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
WordPress Smartsupp - live chat, AI shopping assistant and chatbots plugin = 3.9.1 - Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Smartsupp – live chat, chatbots, AI and lead generation versions = 3.9.1...
CVE-2026-1373
The CVE-2026-1373 affects the WordPress plugin Easy Author Image (affected: all versions up to 1.7). It enables a Stored Cross-Site Scripting via the author_profile_picture_url parameter due to insufficient input sanitization and output escaping. Exploitation requires an authenticated user with S...
CVE-2026-2284
CVE-2026-2284 concerns the News Element Elementor Blog Magazine plugin for WordPress (
CVE-2026-0974
The CVE affects the WordPress plugin Orderable (Restaurant Online Ordering System) up to version 1.20.0. A missing capability check in the install_plugin function allows authenticated attackers with Subscriber-level access and above to install arbitrary plugins, which can lead to Remote Code Exec...
CVE-2025-14427 Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches <= 21.0.9 - Missing Authorization to Authenticated (Subscriber+) Email MFA Update
The Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MfaEmailDisable action in all versions up to, and including, 21.0.9. This makes it possible for...
CVE-2025-12448 Smartsupp – live chat, AI shopping assistant and chatbots <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'code' parameter in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches plugin <= 21.0.9 - Missing Authorization to Authenticated (Subscriber+) Email MFA Update vulnerability
Missing Authorization to Authenticated Subscriber+ Email MFA Update vulnerability discovered by shark3y in WordPress Plugin Shield Security versions = 21.0.9...
WordPress Shopire plugin <= 1.0.57 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install vulnerability
Missing Authorization to Authenticated Subscriber+ Limited Plugin Install vulnerability discovered by Ky0toFu in WordPress Theme Shopire versions = 1.0.57...
CVE-2025-12071 Frontend User Notes <= 2.1.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Note Modification
The Frontend User Notes plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.0 via the 'funpajaxmodifynotes' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2025-12062
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8.6 via the fcloadtemplate function. This makes it possible for authenticated attackers, with Subscriber-leve...
CVE-2026-1499
The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the processaddsite AJAX action combined with path traversal in the file upload functionality. This...
CVE-2026-0555
The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...
WordPress The Bucketlister plugin <= 0.1.5 - Missing Authorization to Authenticated (Subscriber+) Bucket List Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Bucket List Modification vulnerability discovered by Ivan Cese in WordPress Plugin The Bucketlister versions = 0.1.5...
WordPress EventPrime - Events Calendar, Bookings and Tickets plugin <= 3.4.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion vulnerability
WordPress EventPrime - Events Calendar, Bookings and Tickets plugin = 3.4.3 - Missing Authorization to Authenticated Subscriber+ Arbitrary Post Deletion vulnerability discovered by Lucio Sá in WordPress Plugin EventPrime versions = 3.4.3...