CVE-2025-14386

The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the 'generatessourl' and 'validatessotoken' functions in versions 2.4.4 to 2.5.12. This makes it...

CVE-2025-14386 Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization 2.4.4 - 2.5.12 - Missing Authorization to Authenticated (Subscriber+) Authentication Bypass via Account Takeover

The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the 'generatessourl' and 'validatessotoken' functions in versions 2.4.4 to 2.5.12. This makes it...

PT-2026-5088

The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the 'generate sso url' and 'validate sso token' functions in versions 2.4.4 to 2.5.12. This makes it...

EUVD-2022-30262

Malicious code in bioql PyPI...

EUVD-2022-43521

Malicious code in bioql PyPI...

Exploit for CVE-2024-9698

CVE-2024-9698 Crafthemes Demo Import " 🔥 Example O...

Remote code execution

The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading t...

PT-2023-32392 · WordPress · Export Any Wordpress Data To Xml/Csv +1

Name of the Vulnerable Software and Affected Versions: Export any WordPress data to XML/CSV WordPress plugin versions prior to 1.4.0 WP All Export Pro WordPress plugin versions prior to 1.8.6 Description: The issue allows attackers to make logged-in users perform unwanted actions, leading to remo...

CVE-2022-40223

Nonce token leakage and missing authorization in SearchWP premium plugin = 4.2.5 on WordPress leading to plugin settings change...

Authorization

Nonce token leakage and missing authorization in SearchWP premium plugin = 4.2.5 on WordPress leading to plugin settings change...

CVE-2022-40223 WordPress SearchWP premium plugin <= 4.2.5 - Broken Authentication vulnerability

Nonce token leakage and missing authorization in SearchWP premium plugin = 4.2.5 on WordPress leading to plugin settings change...

CVE-2022-40223 WordPress SearchWP premium plugin <= 4.2.5 - Broken Authentication vulnerability

Nonce token leakage and missing authorization in SearchWP premium plugin = 4.2.5 on WordPress leading to plugin settings change...

WordPress SearchWP premium plugin <= 4.2.5 - Broken Authentication vulnerability

Broken Authentication vulnerability via Nonce Token Leakage Leading to Plugin Settings Change discovered by Dave Jong Patchstack in the WordPress SearchWP premium plugin versions = 4.2.5. Solution Update the WordPress SearchWP plugin to the latest available version at least 4.2.6...

WordPress Responsive Menu Plugin < 4.1.8 Information Disclosure Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:expresstech:responsivemenu"; ifdescription...

CVE-2022-25602

Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin versions = 4.1.7...

Design/Logic Flaw

Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin versions = 4.1.7...

CVE-2022-25602 WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability

Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin versions = 4.1.7...

CVE-2022-25602

CVE-2022-25602 affects the WordPress Responsive Menu plugin (versions ≤ 4.1.7). A nonce token leak enables arbitrary file upload, theme deletion, and plugin settings changes. Multiple connected sources (Patchstack, WPVulndb, NVD/NVD-derived entries) corroborate the impact and prioritization as a ...

WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability

Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability discovered by Dave Jong Patchstack in WordPress Responsive Menu plugin versions = 4.1.7. Solution Update the WordPress Responsive Menu plugin to the latest available version at least 4.1.8...

WordPress Plugin Google Map 4.0.4 - SQL Injection

WordPress Plugin Google Map 4.0.4 - SQL Injection Title: WordPress Google Map Plugin getresults Vulnerable Variable: $GET'order' Vulnerable URL: http://vulnerablesite.com/wp-admin/admin.php?page=wpgmpmanagelocation&orderby=locationaddress&order=asc PROCEDURE...