CVE-2025-31643 WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31643 WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31643

CVE-2025-31643 affects Dasinfomedia WPCHURCH up to version 2.7.0. The issue is described as an Incorrect Privilege Assignment that enables Privilege Escalation (high severity CVSS 3.1: 8.8; network, low attack complexity, low privileges required, no user interaction). Public exploit details are n...

CVE-2025-31642

CVE-2025-31642 – WPCHURCH Reflected XSS is confirmed in multiple sources for WordPress WPCHURCH up to version 2.7.0. The vulnerability arises from improper input neutralization during web page generation, enabling a reflected cross-site scripting attack. Affected software: Dasinfomedia WPCHURCH

CVE-2025-32304 WordPress WPCHURCH plugin <= 2.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mojoomla WPCHURCH allows PHP Local File Inclusion.This issue affects WPCHURCH: from n/a through 2.7.0...

WordPress WPCHURCH plugin <= 2.7.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Phúc ton luoi in WordPress Plugin WPCHURCH versions = 2.7.0...