WordPress Easy Theme Options plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Settings Import vulnerability discovered by Legion Hunter in WordPress Plugin Easy Theme Options versions = 1.0...

WordPress Eyewear prescription form plugin <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Product Creation vulnerability

Missing Authorization to Unauthenticated Arbitrary WooCommerce Product Creation vulnerability discovered by WordFence in WordPress Plugin Eyewear prescription form versions = 6.0.1...

WordPress Gallery Blocks with Lightbox plugin <= 3.3.0 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Modification vulnerability

Missing Authorization to Authenticated Contributor+ Plugin Settings Modification vulnerability discovered by Karol in WordPress Plugin SimpLy Gallery versions = 3.3.0...

WordPress Redux Framework plugin <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via data Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Redux Framework versions = 4.5.8...

WordPress a3 Lazy Load plugin <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin a3 Lazy Load versions = 2.7.5...

WordPress rtMedia for WordPress, BuddyPress and bbPress plugin 4.7.0-4.7.3 - Missing Authorization to Unauthenticated Information Disclosure

Missing Authorization to Unauthenticated Information Disclosure vulnerability discovered by kr0d in WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress versions 4.7.0-4.7.3...

WordPress Colibri Page Builder plugin <= 1.0.335 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Colibri Page Builder versions = 1.0.335...

WordPress Kingcabs plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability discovered by Peter Thaleikis in WordPress Theme Kingcabs versions = 1.1.9...

WordPress Kingcabs plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability

Software : Kingcabs Type : Theme Vulnerable versions : = 1.1.9 Fixed in : 1.1.10 OWASP Top 10 : A3: Injection Classification : Cross Site Scripting XSS CVE ID : CVE-2025-7058 Patchstack priority : Low CVSS severity : 6.5 Required privilege : Contributor Developer : Claim ownership PSID :...

WordPress YITH WooCommerce Quick View plugin <= 2.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yith_quick_view Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via yithquickview Shortcode vulnerability discovered by zaim in WordPress Plugin YITH WooCommerce Quick View versions = 2.7.0...

WordPress Mavix Education plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin Activation vulnerability

Missing Authorization to Authenticated Subscriber+ 'Creativ Demo Importer' Plugin Activation vulnerability discovered by Jonas Benjamin Friedli in WordPress Theme Mavix Education versions = 1.0...

WordPress Mavix Education plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin Activation vulnerability

Software : Mavix Education Type : Theme Vulnerable versions : = 1.0 Fixed in : 1.1 OWASP Top 10 : A1: Broken Access Control Classification : Broken Access Control CVE ID : CVE-2025-11164 Patchstack priority : Low CVSS severity : 4.3 Required privilege : Subscriber Developer : Claim ownership PSID...

WordPress Header Footer Script Adder – Insert Code in Header, Body & Footer plugin <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Powpy in WordPress Plugin Header Footer Script Adder versions = 2.0.5...

WordPress Emplibot plugin <= 1.0.9 - Authenticated (Admin+) Server-Side Request Forgery vulnerability

Authenticated Admin+ Server-Side Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Emplibot versions = 1.0.9...

WordPress 404 Solution plugin <= 3.1.0 - Authenticated (Admin+) SQL Injection via 'filterText' Parameter vulnerability

Authenticated Admin+ SQL Injection via 'filterText' Parameter vulnerability discovered by Muhamad Visat in WordPress Plugin 404 Solution versions = 3.1.0...

WordPress HT Slider for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin HT Slider For Elementor versions = 1.7.4...

WordPress Design Import/Export plugin <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import vulnerability

Authenticated Administrator+ SQL Injection via XML File Import vulnerability discovered by ChamlaVic in WordPress Plugin Design Import/Export versions = 2.2...

WordPress HAPPY – Helpdesk Support Ticket System plugin <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Ticket Reply vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin HAPPY versions = 1.0.9...

WordPress Custom Post Type UI plugin <= 1.18.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'label' Import Parameter vulnerability discovered by type5afe in WordPress Plugin Custom Post Type UI versions = 1.18.1...

WordPress Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Tracking Opt-In/Opt-Out Modification vulnerability discovered by Legion Hunter in WordPress Plugin Employee Spotlight versions = 5.1.3...

WordPress Image Slider by Ays- Responsive Slider and Carousel plugin <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider Deletion vulnerability

Cross-Site Request Forgery to Arbitrary Slider Deletion vulnerability discovered by ChamlaVic in WordPress Plugin Image Slider by Ays versions = 2.7.0...

WordPress GenerateBlocks plugin <= 2.1.2 - Authenticated (Contributor+) Information Exposure via Metadata vulnerability

Authenticated Contributor+ Information Exposure via Metadata vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin GenerateBlocks versions = 2.1.2...

WordPress WPGraphQL Smart Cache plugin < 2.0.1 - Unauthenticated Private Content Disclosure vulnerability

Unauthenticated Private Content Disclosure vulnerability discovered by WPscan in WordPress Plugin WPGraphQL Smart Cache versions 2.0.1...

WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Directory Pro versions = 2.5.6...

WordPress Trinity Audio plugin <= 5.23.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Trinity Audio versions = 5.23.3...

WordPress Fix Media Library plugin <= 2.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Fix Media Library versions = 2.0...

WordPress Easy Property Listings plugin <= 3.5.20 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Easy Property Listings versions = 3.5.20...

WordPress InstaWP Connect plugin <= 0.1.1.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin InstaWP Connect versions = 0.1.1.9...

WordPress WPMasterToolKit (WPMTK) plugin <= 2.13.0 - Authenticated (Author+) Code Injection vulnerability

Authenticated Author+ Code Injection vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin WPMasterToolKit versions = 2.13.0...

WordPress WP Webhooks plugin <= 3.3.8 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WP Webhooks versions = 3.3.8...

WordPress Ultimate Auction plugin <= 4.3.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...

WordPress Ultimate Auction plugin <= 4.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...

WordPress Simple CSV Table plugin <= 1.0.1 - Directory Traversal to Authenticated (Contributor+) Arbitrary File Read vulnerability

Directory Traversal to Authenticated Contributor+ Arbitrary File Read vulnerability discovered by Ivan Cese in WordPress Plugin Simple CSV Table versions = 1.0.1...

WordPress VikRentItems Flexible Rental Management System plugin <= 1.2.0 - Reflected Cross-Site Scripting via 'delto' Parameter vulnerability

Reflected Cross-Site Scripting via 'delto' Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin VikRentItems Flexible Rental Management System versions = 1.2.0...

WordPress Fancy Product Designer plugin <= 6.4.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload vulnerability

Unauthenticated Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by WordFence in WordPress Plugin Fancy Product Designer versions = 6.4.8...

WordPress Flow-Flow Social Feed Stream plugin 3.0.0-4.7.5 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by kr0d in WordPress Plugin Flow-Flow Social Stream versions 3.0.0-4.7.5...

WordPress Campay Woocommerce Payment Gateway plugin <= 1.2.2 - Unauthenticated Payment Bypass vulnerability

Unauthenticated Payment Bypass vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Campay Woocommerce Payment Gateway versions = 1.2.2...

WordPress FunnelKit – Funnel Builder for WooCommerce Checkout plugin <= 3.13.1.5 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Marcin Dudek dudekmar - CERT.PL in WordPress Plugin Funnel Builder by FunnelKit versions = 3.13.1.5...

WordPress WP User Manager plugin <= 2.9.12 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' Parameter vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via 'currentuseravatar' Parameter vulnerability discovered by YCInfosec in WordPress Plugin WP User Manager versions = 2.9.12...

WordPress Infility Global plugin <= 2.14.42 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by kr0d in WordPress Plugin Infility Global versions = 2.14.42...

WordPress Multi Uploader for Gravity Forms plugin <= 1.1.7 - Unauthenticated Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Multi Uploader for Gravity Forms versions = 1.1.7...

WordPress 评论小秘书 plugin <= 1.3.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin 评论小秘书 versions = 1.3.2...

WordPress Category Dropdown List plugin <= 1.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Category Dropdown List versions = 1.0...

WordPress WPLG Default Mail From plugin <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin WPLG Default Mail From versions = 1.0.0...

WordPress Complag plugin <= 1.0.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Complag versions = 1.0.2...

WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.1 - Reflected Cross-Site Scripting via failure_message vulnerability

Reflected Cross-Site Scripting via failuremessage vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Accept Stripe Payments Using Contact Form 7 versions = 3.1...

WordPress Like DisLike Voting plugin <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Like DisLike Voting versions = 1.0.1...

WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Jobmonster Elementor Addon versions = 1.1.4...

WordPress Blaze Demo Importer plugin 1.0.0-1.0.13 - Missing Authorization to Authenticated (Subscriber+) Database Reset and File Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Database Reset and File Deletion vulnerability discovered by kr0d in WordPress Plugin Blaze Demo Importer versions 1.0.0-1.0.13...

WordPress WPNakama plugin <= 0.6.3 - Unauthenticated SQL Injection via 'order_by' Parameter vulnerability

Unauthenticated SQL Injection via 'orderby' Parameter vulnerability discovered by WordFence in WordPress Plugin WPNakama versions = 0.6.3...