WordPress WP Security Audit Log 3.1.1 - Information Disclosure

WordPress WP Security Audit Log 3.1.1 plugin is susceptible to information disclosure. Access to wp-content/uploads/wp-security-audit-log/ files is not restricted. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-8719 info: name:...

WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion

WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php. id: CVE-2018-9118 info: name: WordPress 99 Robots WP Background Takeover Advertisements =4.1.4 - Local File Inclusion author: 0xAkoko severity: high description: |...

Featurific For WordPress 1.6.2 - Cross-Site Scripting

A cross-site scripting vulnerability in cachedimage.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum parameter. id: CVE-2011-5265 info: name: Featurific For WordPress 1.6.2 - Cross-Site Scripting author:...

Skysa App Bar 1.04 - Cross-Site Scripting

A cross-site scripting vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly before 1.04, for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter. id: CVE-2011-5179 info: name: Skysa App Bar 1.04 - Cross-Site Scriptin...

WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)

A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter. id: CVE-2011-1669 info: name: WP Custom Pages 0.5.0.1 - Local File Inclusion LFI...

Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update

YIKES Inc. Custom Product Tabs for WooCommerce plugin \u003C= 1.7.7 contains a broken access control caused by improper permission checks in &yikes-the-content-toggle option update, letting attackers modify content without authorization. id: CVE-2022-28666 info: name: Custom Product Tabs for...

Post SMTP <= 3.6.0 - Email Log Disclosure

Post SMTP WordPress plugin = 3.6.0 contains an unauthorized data access vulnerability caused by missing capability check in construct function, letting unauthenticated attackers read arbitrary logged emails, exploit requires no authentication. id: CVE-2025-11833 info: name: Post SMTP = 3.6.0 -...

MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation

The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's...

wpDiscuz <= 5.3.5 - SQL Injection

A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. id: CVE-2020-13640 info: name: wpDiscuz = 5.3.5 - SQL Injection author: Sourabh-Sahu severity:...

WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS

includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues. id: CVE-2019-17231 info: name: WordPress OneTone theme = 3.0.6 – Unauthenticated Stored XSS author: daffainfo severity: medium description: | includes/theme-functions.php in the OneTone...

WP Google Maps < 7.10.43 - Cross-Site Scripting

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO. id: CVE-2019-9912 info: name: WP Google Maps 7.10.43 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The wp-google-maps plugin before 7.10.43 for WordPress has XSS via t...

Duplicator < 1.4.7.1 - Information Disclosure

The Duplicator WordPress plugin before 1.4.7 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site. id: CVE-2022-2552 info: name: Duplicator 1.4.7.1 - Information Disclosure author:...

WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting

The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin before 2.4.1 are vulnerable to cross-site scripting due to a third-party library that improperly handles HTML character escaping. id: CVE-2023-1119 info: name: WP-Optimize WordPress plugin 3.2.13 - Cross-Site...

WordPress Copyright Proof <=4.16 - Cross-Site-Scripting

WordPress Copyright Proof plugin 4.16 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users when a specific setting is enabled. id: CVE-2022-1906...

ARMember < 3.4.8 - Unauthenticated Admin Account Takeover

The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username. id:...

WordPress Sensei LMS <4.5.0 - Information Disclosure

WordPress Sensei LMS plugin before 4.5.0 is susceptible to information disclosure. The plugin does not have proper permissions set in a REST endpoint, which can allow an attacker to access private messages. id: CVE-2022-2034 info: name: WordPress Sensei LMS 4.5.0 - Information Disclosure author:...

WordPress Cab fare calculator < 1.0.4 - Local File Inclusion

The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues. id: CVE-2022-1391 info: name: WordPress Cab fare calculator 1.0.4 - Local File Inclusion author: Splint3r7...

WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection

WordPress Pricing Deals for WooCommerce plugin through 2.0.2.02 contains a SQL injection vulnerability. The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or...

WordPress Personal Dictionary <1.3.4 - Blind SQL Injection

WordPress Personal Dictionary plugin before 1.3.4 contains a blind SQL injection vulnerability. The plugin fails to properly sanitize user-supplied POST data before being interpolated in an SQL statement and executed. An attacker can possibly obtain sensitive information, modify data, and/or...

Ubigeo de Peru < 3.6.4 - SQL Injection

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections. id: CVE-2022-0814 info: name: Ubigeo de Peru 3.6.4 - SQL Injection author: r3Y3r53...