HyperComments <= 1.2.2 - Arbitrary Options Update
The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hcrequesthandler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to...
CVE-2026-0912
CVE-2026-0912 concerns the WordPress plugin Toret Manager (versions up to 1.2.7). Wordfence notes an authenticated (Subscriber+) Arbitrary Options Update vulnerability via AJAX actions due to missing capability checks in trman_save_option and trman_save_option_items, enabling an attacker to updat...
PT-2026-20629
Name of the Vulnerable Software and Affected Versions: Toret Manager plugin for WordPress versions up to and including 1.2.7 Description: The Toret Manager plugin for WordPress has a flaw that allows unauthorized modification of data, potentially leading to privilege escalation. This is due to a...
CVE-2025-15157 Starfish Review Generation & Marketing for WordPress <= 3.1.19 - Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults
The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'srm_restore_options_defaults' function in all versions up to, and including, 3.1.19. This...
WordPress AS Password Field In Default Registration Form plugin <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover vulnerability
Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by Drew Webber (mcdruid) in WordPress Plugin AS Password Field In Default Registration Form versions <= 2.0.0...
CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover
The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...
CVE-2025-14996
CVE-2025-14996 affects the AS Password Field In Default Registration Form WordPress plugin (
WordPress plugin AS Password Field In Default Registration Form Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform written in PHP that can host personal blog sites on PHP- and MySQL-based servers. A WordPress plugin is an application plugin for that platform. A security vulnerability...
PT-2026-1413
Name of the Vulnerable Software and Affected Versions: AS Password Field In Default Registration Form plugin for WordPress versions prior to 2.0.1 Description: The plugin does not properly validate a user's identity before allowing password updates. This allows unauthenticated attackers to change...
CVE-2025-11985 Realty Portal <= 0.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'rpsavepropertysettings' function in versions 0.1 to 0.4.1. This makes it possible for authenticated attackers, with...
PT-2025-6457 · WordPress +1 · Wordpress +1
Name of the Vulnerable Software and Affected Versions: Apus Framework plugin for WordPress versions prior to 2.3 Description: The issue allows authenticated attackers with Subscriber-level access and above to update arbitrary options on the WordPress site due to a missing capability check on the...
CVE-2024-7425
The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to improper user input validation and sanitization in all versions up to, and including, 1.9.1. This makes it possible for authenticated attackers, with Shop...
PT-2025-1759 · WordPress · Royal Core
Name of the Vulnerable Software and Affected Versions: Royal Core plugin for WordPress versions up to, and including, 2.9.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to update arbitrary options on the WordPress site due to a missing capability...
CVE-2024-9235
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2024-24809
Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this...
TwoNav Cross-Site Scripting Vulnerability
TwoNav is a free and open-source bookmark navigation management program published by tznb1. A cross-site scripting vulnerability exists in TwoNav version v2.0.28-20230624, which stems from a default setting that allows free registration, resulting in stored XSS...
CVE-2021-24158
Orbit Fox by ThemeIsle has a feature to add a registration form to both the Elementor and Beaver Builder page builders functionality. As part of the registration form, administrators can choose which role to set as the default for users upon registration. This field is hidden from view for...
Zammad Security Vulnerability
Zammad is a suite of ticket management software from the German company Zammad. A security vulnerability exists in versions prior to Zammad 3.5.1 that stems from the fact that the default registration role for newly created users can be a privileged role configured by an administrator. This behavior w...