CVE-2025-13685 Photo Gallery by Ays <= 6.4.8 - Cross-Site Request Forgery to Bulk Actions

The Photo Gallery by Ays plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.4.8. This is due to missing nonce verification on the bulk action functionality in the 'processbulkaction' function. This makes it possible for unauthenticated attacke...

WordPress plugin SurveyJS 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress Beaver Builder – WordPress Page Builder plugin <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Global Preset Modification vulnerability

Missing Authorization to Authenticated Contributor+ Global Preset Modification vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Beaver Builder versions = 2.9.4...

CVE-2025-66415

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is...

WordPress Tutor LMS Elementor Addons plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mdr in WordPress Plugin Tutor LMS Elementor Addons versions = 3.0.1...

WordPress Quiz And Survey Master plugin <= 10.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Quiz And Survey Master versions = 10.3.2...

WordPress OnPay.io for WooCommerce plugin <= 1.0.47 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin OnPay.io for WooCommerce versions = 1.0.47...

WordPress Simple Folio plugin <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Simple Folio versions = 1.1.0...

WordPress Tiare Membership plugin <= 1.2 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by シルAsuna in WordPress Plugin Tiare Membership versions = 1.2...

CVE-2025-13540 Tiare Membership <= 1.2 - Unauthenticated Privilege Escalation

The Tiare Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. This is due to the 'tiaremembershipinitrestapiregister' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attacker...

CVE-2025-12579 Reuters Direct <= 3.0.0 - Missing Authorization to Unauthenticated Settings Reset

The Reuters Direct plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'logoff' action in all versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to reset the plugin's settings...

CVE-2025-12578 Reuters Direct <= 3.0.0 - Cross-Site Request Forgery to Settings Reset

The Reuters Direct plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation on the the 'class-reuters-direct-settings.php' page. This makes it possible for unauthenticated attackers to reset...

WordPress EduKart Pro plugin elevation of privilege vulnerability

WordPress EduKart Pro plugin is an e-commerce plugin for the WordPress platform that is primarily used to build and manage online stores. WordPress EduKart Pro plugin has an elevation of privilege vulnerability that stems from the edukartproregisteruserfrontend function not restricting user...

WordPress Frontend File Manager Plugin Insecure Direct Object Reference Vulnerability

WordPress Frontend File Manager Plugin is a plugin that allows users to upload, manage and share files through a frontend interface that supports secure storage and permission control. WordPress Frontend File Manager Plugin suffers from an insecure direct object reference vulnerability that stems...

WordPress plugin atec Duplicate Page & Post has an unspecified vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin atec Duplicate Page & Post 1.2.20 and earli...

WordPress plugin Reuters Direct 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-48261

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfc db fix callback function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

PT-2025-48228

The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.4. This is due to the plugin not properly logging in a user with the data that was previously verified through the 'findall membership check facebook user' and the 'findall...

WordPress Reuters Direct plugin <= 3.0.0 - Cross-Site Request Forgery to Settings Reset vulnerability

Cross-Site Request Forgery to Settings Reset vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Reuters Direct versions = 3.0.0...

WordPress Featured Post Creative plugin <= 1.5.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Featured Post Creative versions = 1.5.5...