WordPress Brave Conversion Engine (PRO) plugin <= 0.7.7 - Authentication Bypass to Administrator vulnerability

Authentication Bypass to Administrator vulnerability discovered by Thái An in WordPress Plugin Brave Conversion Engine PRO versions = 0.7.7...

WordPress Password Policy Manager plugin <= 2.0.4 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Password Policy Manager versions = 2.0.4...

CVE-2025-39535 WordPress Vitepos plugin <= 3.1.7 - Broken Authentication Vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through = 3.1.7...