WordPress plugin Soleil 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Fabrica 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin WP Voting Contest 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin designthemes Reservation Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

WordPress plugin InstaWP Connect 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin OpenID Connect Generic Client 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress plugin WordPress Contact Form 7 PDF 安全漏洞

...

PT-2025-51989

Name of the Vulnerable Software and Affected Versions Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress versions through 2.7.10 Description The WordPress Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin contains a Stored Cross-Site...

CVE-2025-67962

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AIOSEO Plugin Team Broken Link Checker broken-link-checker-seo allows SQL Injection.This issue affects Broken Link Checker: from n/a through = 1.2.6...

WordPress plugin HTML Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

EUVD-2025-203536

Cross-Site Request Forgery CSRF vulnerability in Meks Meks Quick Plugin Disabler meks-quick-plugin-disabler allows Cross Site Request Forgery.This issue affects Meks Quick Plugin Disabler: from n/a through = 1.0...

CVE-2025-68070 WordPress VK Google Job Posting Manager plugin <= 1.2.22 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vektor,Inc. VK Google Job Posting Manager vk-google-job-posting-manager allows Stored XSS.This issue affects VK Google Job Posting Manager: from n/a through = 1.2.22...

CVE-2025-68055 WordPress Hydra Booking plugin <= 1.1.32 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.32...

CVE-2025-67985

CVE-2025-67985 affects Document Library Lite (WordPress plugin) with an Unauthenticated Insecure Direct Object Reference due to insecure access controls. Impact recorded as medium (CVSS ~5.3) in the source; affected versions are Document Library Lite

CVE-2025-67962 WordPress Broken Link Checker plugin <= 1.2.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AIOSEO Plugin Team Broken Link Checker broken-link-checker-seo allows SQL Injection.This issue affects Broken Link Checker: from n/a through = 1.2.6...

CVE-2025-67950 WordPress All In One SEO Pack plugin <= 4.9.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through = 4.9.1...

CVE-2025-66134

CVE-2025-66134 concerns the WordPress plugin NinjaTeam FileBird Pro (FileBird Pro) with versions up to and including 6.4.9. The connected sources describe a missing/incorrectly configured authorization mechanism (broken access control) that permits exploitation through misconfigured access contro...

CVE-2025-66147 WordPress Coder for Elementor plugin <= 1.0.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Coder for Elementor coder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coder for Elementor: from n/a through = 1.0.13...

CVE-2025-66132

CVE-2025-66132 affects FAPI Member (WordPress plugin) according to Wordfence vulnerability details. The issue is described as an Unauthenticated Insecure Direct Object Reference (IDOR) affecting FAPI Member, with affected software listed as FAPI Member and versions up to at least 2.2.29. The entr...

CVE-2025-66127

CVE-2025-66127 concerns a Missing Authorization (broken access control) vulnerability in the WordPress plugin Essential Real Estate (g5theme Essential Real Estate) affecting versions up to 5.2.2. Affected software is the Essential Real Estate WordPress plugin; root cause is incorrectly configured...