Nevma Adaptive Images - Arbitrary File Deletion

Nevma Adaptive Images plugin before 0.6.67 for WordPress contains an arbitrary file deletion caused by unsanitized input in adaptive-images-script.php, letting remote attackers delete arbitrary files, exploit requires sending specific request parameters. id: CVE-2019-14206 info: name: Nevma...

Sunshine Photo Cart <= 3.2.5 - Reflected Cross-Site Scripting

WP Sunshine Sunshine Photo Cart versions up to 3.2.5 contain a reflected cross-site scripting caused by improper input neutralization during web page generation, letting attackers execute malicious scripts in users' browsers, exploit requires attacker to craft malicious input. id: CVE-2024-43971...

Crypto <= 2.15 - Authentication Bypass

The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due a to limited arbitrary method call to 'cryptoconnectajaxprocess::login' function in the 'cryptoconnectajaxprocess' function. This makes it possible for unauthenticated...

Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frmformspreview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form. id: CVE-2017-20194 info...

Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting

The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. i...

Jeg Elementor Kit < 2.5.7 - Unauthenticated Settings Update

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the...

Hunk Companion <= 1.8.4 - Arbitrary Plugin Installation

The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to...

WordPress FluentCRM <= 2.9.87 - Unauthenticated Blind SSRF

FluentCRM WordPress plugin = 2.9.87 contains a blind server-side request forgery caused by improper validation of the 'SubscribeURL' parameter, letting unauthenticated attackers make arbitrary web requests, exploit requires unconfigured SES bounce handling key. id: CVE-2026-7798 info: name:...

Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload

Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...

Frontend File Manager Plugin <= 23.5 - Unauthenticated Arbitrary Email Sending

Frontend File Manager Plugin WordPress plugin through 23.5 contains an open relay and unauthorized file access vulnerability caused by lack of authentication and security checks, letting unauthenticated attackers send emails and access files, exploit requires no authentication. id: CVE-2026-0829...

Quiz and Survey Master <= 8.1.4 - SQL Injection

ExpressTech Quiz And Survey Master versions up to 8.1.4 contains an SQL injection caused by improper neutralization of special elements used in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires user interaction. id: CVE-2023-28787 info: name: Quiz and Survey Master =...

Geo Mashup <= 1.13.17 - SQL Injection

Geo Mashup WordPress plugin = 1.13.17 contains a SQL injection caused by insufficient escaping of the 'sort' parameter, letting unauthenticated attackers extract sensitive database information remotely. id: CVE-2026-2416 info: name: Geo Mashup = 1.13.17 - SQL Injection author: Shivam Kamboj...

Post Grid <= 2.2.50 - Information Exposure via REST API

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. id: CVE-2023-40211 info: name: Post Grid = 2.2.50 - Information Exposure via REST API...

Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting

Caldera Forms WordPress plugin 1.9.7 contains a reflected cross-site scripting caused by lack of validation and escaping of the cf-api parameter in responses, letting attackers execute arbitrary scripts in victim's browser, exploit requires attacker to craft a malicious request. id: CVE-2022-0879...

Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update

The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction function...

Protect WP Admin < 4.0 - Unauthenticated Protection Bypass

The Protect WP Admin WordPress plugin before version 4.0 disclosed the URL of the admin panel through the redirection of a crafted URL, bypassing the protection offered. id: CVE-2023-3139 info: name: Protect WP Admin 4.0 - Unauthenticated Protection Bypass author: popcorn94 severity: medium...

ND Booking < 2.5 - Unauthenticated Options Change

The Hotel Booking WordPress plugin ND Booking 2.5 was affected by an Unauthenticated Options Change security vulnerability. id: CVE-2019-15774 info: name: ND Booking 2.5 - Unauthenticated Options Change author: popcorn94 severity: medium description: | The Hotel Booking WordPress plugin ND Bookin...

WP Mobile Detector <= 3.5 - Unrestricted File Upload

WP Mobile Detector plugin for WordPress = 3.5 contains an unrestricted file upload vulnerability caused by missing file type validation in resize.php, letting unauthenticated attackers upload arbitrary files, potentially leading to remote code execution. id: CVE-2016-15043 info: name: WP Mobile...

The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass

The Plus Addons for Elementor plugin before version 4.1.7 allowed attackers to bypass authentication, gain admin access, and create accounts with elevated roles, even when registration was disabled and the Login widget was inactive. id: CVE-2021-24175 info: name: The Plus Addons for Elementor Pag...

Gravity SMTP WordPress Plugin - Sensitive Information Exposure

Gravity SMTP WordPress plugin = 2.1.4 contains a sensitive information exposure caused by an unrestricted REST API endpoint at /wp-json/gravitysmtp/v1/tests/mock-data, letting unauthenticated attackers retrieve detailed system configuration data, exploit requires no authentication. id:...