15745 matches found
CVE-2025-49339
Technical details for CVE-2025-49339 are not provided in the Initial or Connected documents; no product/version/impact info available here. Monitor for updates.
CVE-2025-49340 WordPress Direct Payments WP plugin <= 1.3.0 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Digages Direct Payments WP allows Retrieve Embedded Sensitive Data.This issue affects Direct Payments WP: from n/a through 1.3.0...
CVE-2025-49340
CVE-2025-49340 concerns Exposure of Embedded Sensitive Data in Direct Payments WP (Direct Payments WP) with affected range from n/a through
CVE-2025-62123
Technical details for CVE-2025-62123 are not available in the provided documents. The initial description mentions a CSRF issue in WP Gmail SMTP WP-Gmail-SMTP across versions, but no vendor/product/version/remediation details are confirmed here.
WordPress Appointify plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by 0xVenus in WordPress Plugin Appointify versions = 1.0.8...
CVE-2025-49334 WordPress MyD Delivery plugin <= 1.7.1 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Eduardo Villão MyD Delivery myd-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyD Delivery: from n/a through = 1.7.1...
CVE-2025-59136
CVE-2025-59136 affects Efí Bank – Gerencianet Oficial (WordPress/WooCommerce plugin). Issue: Insertion of Sensitive Information Into Sent Data, causing exposure of embedded sensitive data. Root cause: mis-handling of data during transmission from Efí Bank to Gerencianet Oficial. Affected versions...
CVE-2025-62139
CVE-2025-62139 affects the Terms descriptions plugin (versions
WordPress QuadLayers TikTok Feed plugin <= 4.6.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin QuadLayers TikTok Feed versions = 4.6.5...
CVE-2025-62117
Technical details for CVE-2025-62117 are not provided in the supplied documents. No confirmed affected products, impact, or fixes are disclosed here. Monitor official advisories for updates.
CVE-2025-62134
Technical details for CVE-2025-62134 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2025-62134 WordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through = 1.5.1...
WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Core Web Vitals & PageSpeed Booster versions = 1.0.28...
CVE-2025-62142
Technical details about CVE-2025-62142 are not provided in the supplied documents. The connected materials do not specify affected products, root cause, or fixes; monitor for updates.
CVE-2025-62095 WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...
CVE-2025-62095
CVE-2025-62095 – Bootstrap Modals (WordPress plugin)
WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Bootstrap Modals versions = 1.3.2...
CVE-2025-62096
CVE-2025-62096 corresponds to a Stored XSS in the WordPress plugin Maximum Products per User for WooCommerce. The Wordfence entry (connected document) lists the affected software as Maximum Products per User for WooCommerce and notes vulnerability type as Authenticated (Contributor+) Stored Cross...
CVE-2025-62111
CVE-2025-62111 affects the WordPress plugin Extra Shortcodes (
CVE-2025-62111 WordPress Extra Shortcodes plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Extra Shortcodes extra-shortcodes allows Stored XSS.This issue affects Extra Shortcodes: from n/a through = 2.2...