CVE-2026-8073 Kirki <= 6.0.6 - Unauthenticated Limited Arbitrary File Read and Deletion via downloadZIP
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation and missing capability check in the 'downloadZIP' function in all versions up to, and including, 6.0.6. This makes it possible for...
CVE-2026-8073
The CVE concerns the Kirki – Freeform Page Builder, Website Builder & Customizer WordPress plugin. Affected versions: all up to 6.0.6. Root cause: insufficient file path validation and missing capability check in the downloadZIP function. Impact: unauthenticated attackers can read and delete arbi...
CVE-2026-3335 Canto <= 3.1.1 - Missing Authorization to Unauthenticated File Upload
The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...
CVE-2026-2144 Magic Login Mail or QR Code <= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File Storage
The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename QRCode.png in the publicly accessible WordPress uploads...
CVE-2025-13494
The CVE covers the WordPress plugin SSP Debug (WordPress SSP Debugging) with versions up to and including 1.0.0. Root cause: the plugin stores PHP error logs in a web-accessible location (wp-content/uploads/ssp-debug/ssp-debug.log) without access controls. Impact: unauthenticated attackers can vi...
Exploit for CVE-2025-12973
S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image G...
CVE-2025-11692
CVE-2025-11692 affects the Zip Attachments WordPress plugin (versions up to 1.6). The vulnerability is due to missing authorization/capability checks on download.php, enabling unauthenticated attackers to delete arbitrary files in the wp_upload_dir. Connected sources (Wordfence, NVD, CVE records)...
CVE-2022-29451
Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory...
CVE-2021-24212
The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp...
WordPress Neosense Theme Upload Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. Neosense is a dynamic news theme for WordPress. An upload vulnerability exists in the WordPress Neosense Theme. An attacker can exploit this vulnerability to upload arbitrary files to the...