CVE-2025-23504 WordPress Felan Framework plugin <= 1.1.3 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan Framework felan-framework allows Authentication Abuse.This issue affects Felan Framework: from n/a through = 1.1.3...

CVE-2025-24634

CVE-2025-24634 affects the Orbisius Simple Notice WordPress plugin (versions ≤ 1.1.3). It is a Stored XSS due to improper input neutralization during web page generation. CVSS 3.1 base score 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L). Connected sources indicate patching in version 1.1.3 (patched),...

WordPress plugin CRM Perks Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...