CVE-2025-67533

CVE-2025-67533 is a Stored XSS in Themify Portfolio Post (Themify Portfolio Post) affecting versions up to and including 1.3.0. The vulnerability arises from improper input neutralization during web page generation, enabling an attacker to inject malicious script that can execute in an authentica...

CVE-2025-67535

CVE-2025-67535 affects the WordPress WP Maps plugin (wp-google-map-plugin)

CVE-2025-67534 WordPress Rencontre plugin <= 3.13.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through = 3.13.7...

CVE-2025-67519

CVE-2025-67519 concerns an SQL Injection in the Ninja Tables (Ninja Tables) WordPress plugin, affecting Ninja Tables versions from n/a through 5.2.3. The vulnerability is described as Improper Neutralization of Special Elements used in an SQL Command. The provided documents do not include a concr...

CVE-2025-67519 WordPress Ninja Tables plugin <= 5.2.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows SQL Injection.This issue affects Ninja Tables: from n/a through = 5.2.3...

CVE-2025-64256 WordPress Simple Folio plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PressTigers Simple Folio simple-folio allows Cross Site Request Forgery.This issue affects Simple Folio: from n/a through = 1.1.0...

CVE-2025-64256

Technical details for CVE-2025-64256 are not provided in the supplied documents. No vendor/product/version, root cause, or remediation details are disclosed here; monitor for updates from official advisories.

WordPress plugin Generic Elements 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Яндекс Доставка (Boxberry) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

WordPress plugin SMTP Mail 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

WordPress plugin CWW Companion 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin WooCommerce Payment Gateway – Paysera 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Social Photo Fetcher 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...

WordPress plugin Lobo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Simple Folio 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin Formstack Online Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

PT-2025-50002

Cross-Site Request Forgery CSRF vulnerability in ProteusThemes Custom Sidebars by ProteusThemes custom-sidebars-by-proteusthemes allows Cross Site Request Forgery.This issue affects Custom Sidebars by ProteusThemes: from n/a through = 1.0.3...

PT-2025-50032

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

WordPress plugin Constant Contact + WooCommerce 安全漏洞

...

WordPress plugin ThirstyAffiliates 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...