Download Monitor < 4.4.5 - SQL Injection

The Download Monitor plugin for WordPress is vulnerable to SQL injection via the 'orderby' parameter in versions before 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attacker...

WordPress Perfect Images (WP Retina 2x) < 6.4.6 - Sensitive Information Exposure

Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina versions up to 6.4.5 contain a vulnerability that exposes sensitive information to unauthorized actors, letting attackers access confidential data, exploit requires no specific conditions. id: CVE-2023-44982 info: name:...

Responsive Pricing Table <= 5.1.12 - Cross-Site Scripting

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'planicons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

GiveWP <= 2.9.7 - Cross-Site Scripting

GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress versions before 2.10.0 is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in the admin Donors page. id: CVE-2021-24213 info: name: GiveWP = 2.9.7 - Cross-Site Scripting author: Shivam Kamboj severity: medium...

Nevma Adaptive Images - Arbitrary File Deletion

Nevma Adaptive Images plugin before 0.6.67 for WordPress contains an arbitrary file deletion caused by unsanitized input in adaptive-images-script.php, letting remote attackers delete arbitrary files, exploit requires sending specific request parameters. id: CVE-2019-14206 info: name: Nevma...

WordPress Loco Translate < 2.6.1 - Cross-Site Scripting

Loco Translate WordPress plugin before 2.6.1 contains a stored cross-site scripting vulnerability caused by improper removal of inline events from source translation strings, allowing authenticated users to inject arbitrary JavaScript payloads. id: CVE-2022-0765 info: name: WordPress Loco Transla...

Ozette Plugins - Cross-Site Request Forgery

An attacker can update, create, and remove the site's mobile redirects via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. id: CVE-2023-23897 info: name: Ozette Plugins - Cross-Site Request Forgery author: popcorn94 severity: medi...

Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting

The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. i...

Jeg Elementor Kit < 2.5.7 - Unauthenticated Settings Update

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the...

WordPress CTHthemes - Cross-Site Scripting

WordPress CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes contain reflected cross-site scripting vulnerabilities via a search query. id: CVE-2019-20210 info: name: WordPress CTHthemes - Cross-Site Scripting author: edoardottt severity: medium description: |...

WordPress Checklist <1.1.9 - Cross-Site Scripting

WordPress Checklist plugin before 1.1.9 contains a cross-site scripting vulnerability. The fill parameter is not correctly filtered in the checklist-icon.php file. id: CVE-2019-16525 info: name: WordPress Checklist 1.1.9 - Cross-Site Scripting author: daffainfo severity: medium description:...

WordPress API Bearer Auth <20190907 - Cross-Site Scripting

WordPress API Bearer Auth plugin before 20190907 contains a cross-site scripting vulnerability. The server parameter is not correctly filtered in swagger-config.yaml.php. id: CVE-2019-16332 info: name: WordPress API Bearer Auth 20190907 - Cross-Site Scripting author: daffainfo severity: medium...

WordPress Download Manager <2.9.94 - Cross-Site Scripting

WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulnerability via the category shortcode feature, as demonstrated by the orderby or searchpublishdate parameter. id: CVE-2019-15889 info: name: WordPress Download Manager 2.9.94 - Cross-Site Scripting author: daffainf...

Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors. id: CVE-2020-8615 info: name: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Reque...

Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update

The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction function...

Protect WP Admin < 4.0 - Unauthenticated Protection Bypass

The Protect WP Admin WordPress plugin before version 4.0 disclosed the URL of the admin panel through the redirection of a crafted URL, bypassing the protection offered. id: CVE-2023-3139 info: name: Protect WP Admin 4.0 - Unauthenticated Protection Bypass author: popcorn94 severity: medium...

ND Booking < 2.5 - Unauthenticated Options Change

The Hotel Booking WordPress plugin ND Booking 2.5 was affected by an Unauthenticated Options Change security vulnerability. id: CVE-2019-15774 info: name: ND Booking 2.5 - Unauthenticated Options Change author: popcorn94 severity: medium description: | The Hotel Booking WordPress plugin ND Bookin...

WordPress JoomSport <5.2.8 - SQL Injection

WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operation...

WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting

WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulnerability in the rp4wpheadingtext parameter. User input is not properly sanitized, allowing the insertion of arbitrary code that can allow an attacker to steal cookie-based authentication credentials and launch othe...

WordPress Bookit < 2.5.1 - Unauthenticated Stripe Settings Update

Bookit WordPress plugin 2.5.1 contains a broken access control vulnerability caused by a publicly accessible REST endpoint allowing unauthenticated update of Stripe payment options, letting remote attackers modify payment settings without authentication. id: CVE-2025-12841 info: name: WordPress...