File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read

The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read...

WP Directory Kit <= 1.4.4 - Authentication Bypass

The WP Directory Kit plugin for WordPress version 1.4.4 and below contains an authentication bypass vulnerability in its auto-login functionality. The vulnerability allows unauthenticated attackers to gain administrative access by exploiting a cryptographically weak token generation mechanism tha...

WP Google Maps < 9.0.48 - Cross-Site Scripting

WP Google Maps WordPress plugin 9.0.48 contains a stored XSS vulnerability caused by unsanitized user input in AJAX actions, letting unauthenticated attackers execute scripts via stored payloads. id: CVE-2025-11307 info: name: WP Google Maps 9.0.48 - Cross-Site Scripting author: 0xAkoko severity:...

Trinity Audio <= 5.21.0 - Information Exposure

The Trinity Audio Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the /admin/inc/phpinfo.php file that gets created on install. This makes it possible for...

Hippoo Mobile App for WooCommerce <= 1.7.1 - Unauthenticated Arbitrary File Read

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to and including 1.7.1 via the templateredirect function. The plugin registers 'hippooserve' as a WordPress query variable and uses it to serve PWA files from the pwa/ directory. In...

Integrate Google Drive <= 1.5.3 - Information Disclosure

File Manager for Google Drive - Integrate Google Drive with WordPress plugin for WordPress = 1.5.3 contains sensitive information exposure caused by improper protection of the getlocalizedata function, letting unauthenticated attackers extract Google OAuth credentials and account email addresses,...

TI WooCommerce Wishlist <= 2.9.2 - Arbitrary File Upload

TemplateInvaders TI WooCommerce Wishlist = 2.10.0 contains an unrestricted file upload vulnerability caused by lack of proper file type validation, letting attackers upload web shells to the server, exploit requires no special privileges. id: CVE-2025-47577 info: name: TI WooCommerce Wishlist =...

WordPress CBX Bookmark & Favorite Plugin <= 2.0.4 - SQL Injection

CBX Bookmark & Favorite WordPress plugin = 2.0.4 contains a SQL injection caused by insufficient escaping of the 'orderby' parameter, letting authenticated attackers with Subscriber-level access extract sensitive database information id: CVE-2025-13652 info: name: WordPress CBX Bookmark & Favorit...

Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting

The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. i...

Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated settings import/export

includes/options.php in the motors-car-dealership-classified-listings aka Motors - Car Dealer & Classified Ads plugin through 1.4.0 for WordPress allows unauthenticated options changes. id: CVE-2019-17228 info: name: Motors Car Dealer & Classified Ads = 1.4.0 - Unauthenticated settings...

WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting

The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the album's name before outputting it in pages or posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting XSS attacks even when the unfiltered-html capabilit...

Featurific For WordPress 1.6.2 - Cross-Site Scripting

A cross-site scripting vulnerability in cachedimage.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum parameter. id: CVE-2011-5265 info: name: Featurific For WordPress 1.6.2 - Cross-Site Scripting author:...

WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload

WordPress eaSync Booking plugin bundle for hotel, restaurant and car rental before 1.1.16 is susceptible to arbitrary file upload. The plugin contains insufficient input validation of an AJAX action. An allowlist of valid file extensions is defined but is not used during the validation steps. An...

Frontend File Manager < 21.3 - Unauthenticated File Renaming

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server id:...

WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Cross-Site Scripting

The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability. id: CVE-2022-0429 info: name: W...

ARMember < 3.4.8 - Unauthenticated Admin Account Takeover

The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username. id:...

Adning Advertising <= 1.5.5 - Arbitrary File Upload

The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...

Premium Addons for Elementor - Unauthenticated Information Disclosure

Premium Addons for Elementor plugin for WordPress version 4.11.53 and below contains an unauthenticated information disclosure vulnerability.The vulnerability exists due to a missing authorization check in the gettemplatecontent AJAX handler, allowing unauthenticated attackers to retrieve private...

Broadstreet WordPress plugin - Reflected XSS

Broadstreet WordPress plugin 1.51.8 contains a reflected XSS caused by unsanitised and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires victim interaction. id: CVE-2025-4652 info: name: Broadstreet WordPress plugin -...

IP2Location Country Blocker < 2.38.9 - Unauthenticated Information Disclosure

IP2Location Country Blocker plugin for WordPress up to version 2.38.8 contains a regular information exposure caused by missing capability checks on admininit, letting unauthenticated attackers view plugin settings, exploit requires no special conditions. id: CVE-2025-1361 info: name: IP2Location...