3881 matches found
WordPress CBX Bookmark & Favorite Plugin <= 2.0.4 - SQL Injection
CBX Bookmark & Favorite WordPress plugin = 2.0.4 contains a SQL injection caused by insufficient escaping of the 'orderby' parameter, letting authenticated attackers with Subscriber-level access extract sensitive database information id: CVE-2025-13652 info: name: WordPress CBX Bookmark & Favorit...
CVE-2026-15350
The The Cache Purger plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.3.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2026-15407
The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2026-15610
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-15021 wpForo Forum <= 3.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'location' Profile Field
The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'location' Profile Field in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access...
EUVD-2026-44899
The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'location' Profile Field in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access...
CVE-2026-15610 WPBot <= 8.5.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary RAG Document Re-Sync via ajax_rag_manual_sync() Function
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-15610
The WPBot – AI ChatBot for WordPress plugin (WordPress WPBot) up to version 8.5.6 is affected by an authorization bypass via the ajax_rag_manual_sync() function. The root cause is improper verification of a user’s authorization, enabling authenticated attackers with subscriber-level access or hig...
EUVD-2026-44891
The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2026-15407
The CVE-2026-15407 entry describes an authorization bypass in Themify Builder for WordPress up to version 7.7.7. The underlying issue is insufficient verification of a user’s authorization for actions performed via the tb_generate_on_fly AJAX action, enabling authenticated users with subscriber-l...
EUVD-2026-44884
The The Cache Purger plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.3.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2026-15350
CVE-2026-15350 affects the WordPress plugin The Cache Purger (up to version 2.3.20). The vulnerability is an authorization bypass that allows authenticated users with subscriber-level access or higher to permanently truncate the plugin’s cache-purge audit log (wp-content/purge.log), destroying th...
CVE-2026-12510
The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions...
CVE-2026-12510 AI Engine < 3.5.5 - Subscriber+Chatbot Discussion Disclosure and Takeover via IDOR
The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions...
EUVD-2026-44874
The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions...
CVE-2026-12510
The CVE concerns the AI Engine WordPress plugin prior to version 3.5.5. It does not verify ownership of a chatbot conversation when a client-supplied identifier is used, enabling users with subscriber-level access to read other users’ private conversations and take over their conversation records...
CVE-2026-15336
The Catch Themes Demo Import plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 3.3. This is due to the catchthemesdemoimportactivateplugin function, hooked on admininit when the activateplugin GET parameter is present, calling PluginUpgrader::install to...
CVE-2026-15336
The CVE describes a vulnerability in the Catch Themes Demo Import plugin for WordPress (versions up to and including 3.3). The root cause is in catch_themes_demo_import_activate_plugin(), which is hooked on admin_init when the activate_plugin parameter is present and calls Plugin_Upgrader::instal...
CVE-2026-9341
CVE-2026-9341 affects The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution (WordPress) up to version 3.8.0. The root cause is an insecure direct object reference due to missing validation on a user-controlled key, exploitable via the AJAX handlers save_lesson_note , get_lesson_n...
EUVD-2026-43288
The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...