CVE-2025-53428 WordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...

CVE-2025-53425 WordPress Dokan plugin <= 4.1.3 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.3...

CVE-2025-53425

CVE-2025-53425 concerns an incorrect privilege assignment in the WordPress Dokan plugin (dokan-lite). Affected versions are cited as

CVE-2025-49924

CVE-2025-49924 describes an incorrect privilege assignment in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices (versions up to and including 2.2.4.2) that enables privilege escalation. The issue is documented across multiple feeds (NVD, Red Hat, CVE List, EUVD, CNNVD, etc.) with a CVSS ...

CVE-2025-49924 WordPress Wholesale Suite plugin <= 2.2.4.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.4.2...

CVE-2025-49924 WordPress Wholesale Suite plugin <= 2.2.4.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.4.2...

CVE-2025-48082 WordPress Progress Planner plugin <= 1.8.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...

CVE-2025-48082

CVE-2025-48082 describes an incorrect privilege assignment in the WordPress plugin Progress Planner (Progress Planner,

CVE-2025-41109

CVE-2025-41109 affects Ghost Robotics Vision 60 (v0.27.2). The issue arises from lack of authentication for physical interfaces (three RJ45s and a USB-C port). The device’s internal router automatically assigns IPs to any physically connected equipment, enabling an attacker who controls a rogue W...

WordPress plugin Progress Planner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin woocommerce-wholesale-prices 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin Voice Feedback 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin extendons-registration-fields 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Duplicate

This advisory duplicates another...

WordPress plugin SUMO Memberships for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Admidio SQL注入漏洞

Admidio is an open source member management system from the Admidio team. The system supports features such as member lists, event management, guestbooks, photo albums and downloads. A SQL injection vulnerability exists in Admidio versions prior to 4.3.17, which stems from a SQL injection in the...

PT-2025-43153

Name of the Vulnerable Software and Affected Versions Progress Planner versions prior to 1.8.1 Description An incorrect privilege assignment exists in Progress Planner, potentially allowing privilege escalation. Recommendations Update Progress Planner to version 1.8.1 or later...

Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

An authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can exploit this vulnerability to execute arbitrary SQL commands. This can lead to a...

WordPress plugin Dokan 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-62401

An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment...