555 matches found
CVE-2026-0688
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 via the 'Tools::read' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...
CVE-2026-0688
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 via the 'Tools::read' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...
PT-2026-29687
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 via the 'Tools::read' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...
WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field vulnerability
WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin = 3.15.5 - Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Post Author Reassignment via Avatar Field vulnerability discovered by type5afe in WordPress Plugin Profile...
CVE-2026-3098
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-4758
The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...
WordPress LearnPress plugin <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Answer Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Quiz Answer Deletion vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin LearnPress versions = 4.3.2.8...
CVE-2026-3533 JupiterX Core <= 4.14.1 - Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import
The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on importpopuptemplates function as well as insufficient file type validation in the uploadfiles function in all versions up to, and including, 4.14.1. This makes it possible for Authenticat...
WordPress RepairBuddy plugin <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX Action vulnerability
Missing Authorization to Authenticated Subscriber+ Plugin Settings Modification via wcrepshopsettingssubmission AJAX Action vulnerability discovered by WordFence in WordPress Plugin RepairBuddy versions = 4.1132...
CVE-2026-3460
The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback updateuserwechatshopinfopermissionscheck only validating that the supplied 'openid' parameter corresponds to an...
CVE-2026-2351
The Task Manager plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.0.2 via the callbackgettextfromurl function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-4087 Pre* Party Resource Hints <= 1.8.20 - Authenticated (Subscriber+) SQL Injection via 'hint_ids' Parameter
The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2026-4087
The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2026-3460 REST API TO MiniProgram <= 5.1.2 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'userid' REST API Parameter
The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback updateuserwechatshopinfopermissionscheck only validating that the supplied 'openid' parameter corresponds to an...
CVE-2026-1935 Company Posts for LinkedIn <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary LinkedIn Post Data Deletion
The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.0. This is due to a missing capability check on the linkedincompanypostresethandler function hooked to adminpostresetlinkedincompanypost. This makes it possible for...
PT-2026-26802
The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'atomchat update auth ajax' and 'atomchat update layout ajax' functions in all versions up to, and including, 1.1.7. This makes it possible for...
WordPress Download Manager plugin <= 3.3.49 - Missing Authorization to Authenticated (Subscriber+) User Email Enumeration via 'user' Parameter vulnerability
Missing Authorization to Authenticated Subscriber+ User Email Enumeration via 'user' Parameter vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Plugin Download Manager versions = 3.3.49...
WordPress NEX-Forms - Ultimate Forms Plugin for WordPress plugin <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_license vulnerability
WordPress NEX-Forms - Ultimate Forms Plugin for WordPress plugin = 9.1.9 - Missing Authorization to Authenticated Subscriber+ License Deactivation via deactivatelicense vulnerability discovered by Legion Hunter in WordPress Plugin NEX-Forms versions = 9.1.9...
EUVD-2026-12182
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatelicense function in all versions up to, and including, 9.1.9. This makes it possible for authenticated attackers, with...
CVE-2026-1948 NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_license
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatelicense function in all versions up to, and including, 9.1.9. This makes it possible for authenticated attackers, with...