WordPress AudioIgniter <= 2.0.2 - Unauthenticated IDOR

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. The handleplaylistendpoint function accepted a user-controlled playlist ID and returned track data without authentication. id: CVE-2026-8679 info: name: WordPress...

WordPress FluentCRM <= 2.9.87 - Unauthenticated Blind SSRF

FluentCRM WordPress plugin = 2.9.87 contains a blind server-side request forgery caused by improper validation of the 'SubscribeURL' parameter, letting unauthenticated attackers make arbitrary web requests, exploit requires unconfigured SES bounce handling key. id: CVE-2026-7798 info: name:...

Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload

Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...

Stock Ticker <= 3.23.2 - Cross-Site Scripting

The Stock Ticker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in the ajaxstocktickerload function in versions up to, and including, 3.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting

WordPress Shortcodes and extra features plugin for the Phlox theme before 2.9.8 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response. An attacker can inject arbitrary script in the browser of an unsuspecting...

Newsletter < 7.4.5 - Cross-Site Scripting

The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $SERVER'REQUESTURI' before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as...

WordPress WPQA <5.5 - Improper Access Control

WordPress WPQA plugin before 5.5 is susceptible to improper access control. The plugin lacks authentication in a REST API endpoint. An attacker can potentially discover private questions sent between users on the site. id: CVE-2022-1598 info: name: WordPress WPQA 5.5 - Improper Access Control...

WordPress Simple Link Directory <7.7.2 - SQL injection

WordPress Simple Link Directory plugin before 7.7.2 contains a SQL injection vulnerability. The plugin does not validate and escape the postid parameter before using it in a SQL statement via the qcopdupvoteaction AJAX action, available to unauthenticated and authenticated users. An attacker can...

Directorist < 7.5.4 - Local File Inclusion

Directorist before 7.5.4 is susceptible to Local File Inclusion as it does not validate the file parameter when importing CSV files. id: CVE-2023-2252 info: name: Directorist 7.5.4 - Local File Inclusion author: r3Y3r53 severity: low description: | Directorist before 7.5.4 is susceptible to Local...

Stock Ticker <= 3.23.2 - Cross-Site-Scripting

The Stock Ticker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in the ajaxstocktickersymbolsearchtest function in versions up to, and including, 3.23.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting

WordPress Panda Pods Repeater Field before 1.5.4 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. This can be leveraged against a user who has at least Contributor permission. An attacker can also steal...

WordPress JoomSport <5.2.8 - SQL Injection

WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operation...

WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpageid parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...

WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting

WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulnerability in the rp4wpheadingtext parameter. User input is not properly sanitized, allowing the insertion of arbitrary code that can allow an attacker to steal cookie-based authentication credentials and launch othe...

The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting

The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippets-safe-mode parameter before reflecting it in attributes, leading to a reflected cross-site scripting issue. id: CVE-2021-25008 info: name: The Code Snippets WordPress Plugin 2.14.3 - Cross-Site Scripting author: cckuailo...

Blog2Social < 6.8.7 - Cross-Site Scripting

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.8.7 does not sanitise and escape the b2sShowByDate parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue. id: CVE-2021-24956 info: name: Blog2Social 6.8.7 - Cross-Site...

Contest Gallery < 13.1.0.6 - SQL injection

The plugin does not have capability checks and does not sanitise or escape the cg-search-user-name-original parameter before using it in a SQL statement when exporting users from a gallery, which could allow unauthenticated to perform SQL injections attacks, as well as get the list of all users...

WordPress Sniplets <=1.2.2 - Cross-Site Scripting

WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the text parameter to warning.php, notice.php, and inset.php in view/sniplets/, and possibly modules/execute.php; via the url parameter ...

WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting

WordPress Calendar Event Multi View plugin before 1.4.01 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize or escape the 'start' and 'end' GET parameters before outputting them in the page via php/edit.php. id: CVE-2021-24498 info: name: WordPress...

WordPress FoodBakery <2.2 - Cross-Site Scripting

WordPress FoodBakery before 2.2 contains an unauthenticated reflected cross-site scripting vulnerability. It does not properly sanitize the foodbakeryradius parameter before outputting it back in the response. id: CVE-2021-24389 info: name: WordPress FoodBakery 2.2 - Cross-Site Scripting author:...