WordPress Download Media Library plugin <= 0.2.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Download Media Library versions = 0.2.1...

WordPress CSS3 Buttons plugin <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin CSS3 Buttons versions = 0.1...

WordPress WebP Express plugin <= 0.25.9 - Unauthenticated Information Exposure vulnerability

Unauthenticated Information Exposure vulnerability discovered by Rafshanzani Suhada in WordPress Plugin WebP Express versions = 0.25.9...

WordPress The Total Book Project plugin <= 1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Book Manipulation vulnerability

Insecure Direct Object Reference to Authenticated Contributor+ Book Manipulation vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin The Total Book Project versions = 1.0...

WordPress The Tribal Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin The Tribal versions = 1.3.3...

WordPress Biagiotti Core plugin <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin Biagiotti Core versions = 2.1.3...

WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Carousel Ultimate versions = 1.8...

WordPress Paid Member Subscriptions Plugin <= 2.15.9 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by MD ISMAIL in WordPress Plugin Paid Member Subscriptions versions = 2.15.9...

CVE-2024-25765

creationtimestamp| type| source ---|---|--- 2025-09-01 21:00:04+00:00| published-proof-of-concept| Telegram/nfGTp2xTn4QGBhVuPNna78NmZEMmW41bwCC35jvxvcYjBw...

WordPress Otter - Gutenberg Block Plugin <= 3.1.0 - Sensitive Data Exposure Vulnerability

WordPress Otter - Gutenberg Block Plugin = 3.1.0 - Sensitive Data Exposure Vulnerability discovered by Abu Hurayra in WordPress Plugin Otter - Gutenberg Block versions = 3.1.0...

WordPress Earnware Connect plugin <= 1.0.73 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Earnware Connect versions = 1.0.73...

WordPress Time Sheets plugin <= 2.1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Time Sheets versions = 2.1.3...

WordPress Simple Responsive Slider plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Simple Responsive Slider versions = 2.0...

CVE-2025-46099

creationtimestamp| type| source ---|---|--- 2025-07-18 19:08:34+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/44498 2025-07-19 03:00:06+00:00| published-proof-of-concept| Telegram/nzYKhchPqnjkmQtRnvSWn0Xnfothyx5mgumD7MVA9piB0...

GHSA-9FHC-F3MR-W6H6

creationtimestamp| type| source ---|---|--- 2025-06-11 14:31:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18077...

WordPress BNS Featured Category plugin <= 2.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin BNS Featured Category versions = 2.8.2...

WordPress Sola Support Ticket plugin <= 3.18 - Arbitrary Content Deletion Vulnerability

Arbitrary Content Deletion Vulnerability discovered by luckybuddy in WordPress Plugin Sola Support Ticket versions = 3.18...

WordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion Vulnerability

Arbitrary File Deletion Vulnerability discovered by timomangcut in WordPress Plugin Opal Woo Custom Product Variation versions = 1.2.0...

CVE-2024-35885

creationtimestamp| type| source ---|---|--- 2025-05-04 09:17:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14738...

WordPress iCafe Library plugin <= 1.8.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0x1ceKing Patchstack Alliance in WordPress Plugin iCafe Library versions = 1.8.3...