1266 matches found
CVE-2026-12869
The Header Footer Builder for Elementor WordPress plugin before 1.2.1 does not require an administrative capability for its dashboard template-import action it allows any editposts user, so a Contributor can import a template containing an Elementor HTML widget configured to display site-wide,...
CVE-2026-12906 RTMKit Addons for Elementor < 2.0.9 - Contributor+ Private Post Title Disclosure
The RTMKit WordPress plugin before 2.0.9 does not perform a capability check in one of its AJAX actions and resolves a request-supplied post identifier directly, allowing users with at least the Contributor role to read the titles of other users' private, draft, pending, scheduled and trashed pos...
EUVD-2026-44878
The Header Footer Builder for Elementor WordPress plugin before 1.2.1 does not require an administrative capability for its dashboard template-import action it allows any editposts user, so a Contributor can import a template containing an Elementor HTML widget configured to display site-wide,...
CVE-2025-14785 Website Builder by SeedProd - Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'seedprodnestedmenuwidget' Shortcode
The Website Builder by SeedProd - Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's seedprodnestedmenuwidget shortcode in all versions up to, and including, 6.20.2 due to insufficient input...
CVE-2026-57765
Contributor SQL Injection in WP EasyCart = 5.9.0 versions...
CVE-2026-11781 Adminify < 4.2.10 - Contributor+ Sensitive Information Disclosure via Global Search AJAX
The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role Contributor to disclose non-public content that WordPress would not otherwise expose to them,...
EUVD-2026-38692
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2026-10531
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2026-10531 AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2026-10531
The CVE describes Stored XSS in the WordPress plugin “AI Share & Summarize” prior to version 2.0.4. The root cause is insufficient sanitisation/escaping of shortcode attributes (notably title_style) before output, enabling users with the Contributor role or higher to inject scripts on pages. Affe...
CVE-2026-41934 Vvveb < 1.0.8.2 Authenticated RCE via Code Editor
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through insufficient file extension restrictions, with the uploaded payload then executable via subsequent...
Exploit for CVE-2025-66849
CVE-2025-66849 Ghost CMS Privilege Escalation PoC Summar...
CVE-2026-1753
The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as userscanregister...
EUVD-2025-209042
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433
The Shared Files WordPress plugin, versions before 1.7.58, is affected by a path traversal vulnerability that allows users with a role as low as Contributor to arbitrarily download any file on the web server (e.g., wp-config.php). Root cause: improper validation in file download logic. Affected p...
CVE-2025-15433
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15363 Get Use APIs < 2.0.10 - Contributor+ Stored XSS
The Get Use APIs WordPress plugin before 2.0.10 executes imported JSON, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks under certain server configurations...
CVE-2025-15491
The CVE refers to the Post Slides WordPress plugin (versions up to 1.0.1) where a flaw in shortcode attribute validation allows generation of include paths, enabling Local File Inclusion (LFI) for authenticated users (e.g., contributor or higher). Root cause: some shortcode attributes are not val...
WordPress Brizy - Page Builder plugin <= 2.4.41 - Authenticated(Contributor+) Stored Cross-Site Scripting vulnerability
WordPress Brizy - Page Builder plugin = 2.4.41 - AuthenticatedContributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Brizy versions = 2.4.41...