WordPress Custom Frames plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'class' Shortcode Parameter vulnerability discovered by theviper17y in WordPress Plugin Custom Frames versions <= 1.0.1...
WordPress Exhibz theme <= 3.0.9 - Local File Inclusion vulnerability
Software: Exhibz; Type: Theme; Vulnerable versions: <= 3.0.9; Fixed in: 3.0.10; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE ID: CVE-2025-67523; Patchstack priority: Low; CVSS severity: 7.5; Required privilege: Contributor; Developer: Claim ownership; PSID: 211f5649fefe...
WordPress Exhibz theme <= 3.0.9 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Exhibz versions <= 3.0.9...
WordPress Shortcode Loader plugin <= 1.0 - Unauthenticated Arbitrary Shortcode Execution via 'code' Parameter vulnerability
Unauthenticated Arbitrary Shortcode Execution via 'code' Parameter vulnerability discovered by Ivan Cese in WordPress Plugin Shortcode Ajax versions <= 1.0...
WordPress Popover Windows plugin <= 1.2 - Cross-Site Request Forgery to Arbitrary Popover Configuration Update vulnerability
Cross-Site Request Forgery to Arbitrary Popover Configuration Update vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Popover Windows versions <= 1.2...
WordPress Quick Testimonials plugin <= 2.1 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Jochem Boender in WordPress Plugin Quick Testimonials versions <= 2.1...
WordPress Solutions Ad Manager plugin <= 1.0.0 - Unauthenticated Open Redirect via 'sam-redirect-to' Parameter vulnerability
Unauthenticated Open Redirect via 'sam-redirect-to' Parameter vulnerability discovered by Ivan Cese in WordPress Plugin Solutions Ad Manager versions <= 1.0.0...
WordPress AnnunciFunebri Impresa plugin <= 4.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Options Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary plugin Options Deletion vulnerability discovered by Legion Hunter in WordPress Plugin AnnunciFunebri Impresa versions <= 4.7.0...
WordPress Devs CRM – Manage tasks, attendance and teams all together plugin <= 1.1.8 - Missing Authorization to Unauthenticated Lead Tag Update vulnerability
Missing Authorization to Unauthenticated Lead Tag Update vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Devs CRM versions <= 1.1.8...
WordPress Popup Builder plugin <= 1.1.37 - Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Settings Reset vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary plugin Settings Reset vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Popup Builder versions <= 1.1.37...
WordPress Devs CRM plugin <= 1.1.8 - Unauthenticated Information Exposure vulnerability
Unauthenticated Information Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Devs CRM versions <= 1.1.8...
WordPress Userback plugin <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) plugin's Configuration Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ plugin's Configuration Exposure vulnerability discovered by jsonc in WordPress Plugin Userback versions <= 1.0.15...
WordPress Easy Theme Options plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Settings Import vulnerability discovered by Legion Hunter in WordPress Plugin Easy Theme Options versions <= 1.0...
WordPress Eyewear prescription form plugin <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Product Creation vulnerability
Missing Authorization to Unauthenticated Arbitrary WooCommerce Product Creation vulnerability discovered by WordFence in WordPress Plugin Eyewear prescription form versions <= 6.0.1...
WordPress Gallery Blocks with Lightbox plugin <= 3.3.0 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Modification vulnerability
Missing Authorization to Authenticated Contributor+ Plugin Settings Modification vulnerability discovered by Karol in WordPress Plugin SimpLy Gallery versions <= 3.3.0...
WordPress Redux Framework plugin <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via data Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Redux Framework versions <= 4.5.8...
WordPress a3 Lazy Load plugin <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin a3 Lazy Load versions <= 2.7.5...
WordPress rtMedia for WordPress, BuddyPress and bbPress plugin 4.7.0-4.7.3 - Missing Authorization to Unauthenticated Information Disclosure
Missing Authorization to Unauthenticated Information Disclosure vulnerability discovered by kr0d in WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress versions 4.7.0-4.7.3...
WordPress Colibri Page Builder plugin <= 1.0.335 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Colibri Page Builder versions <= 1.0.335...
WordPress Kingcabs plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability discovered by Peter Thaleikis in WordPress Theme Kingcabs versions <= 1.1.9...
WordPress Kingcabs plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter vulnerability
Software: Kingcabs; Type: Theme; Vulnerable versions: <= 1.1.9; Fixed in: 1.1.10; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE ID: CVE-2025-7058; Patchstack priority: Low; CVSS severity: 6.5; Required privilege: Contributor; Developer: Claim ownership; PSID: ...
WordPress YITH WooCommerce Quick View plugin <= 2.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yith_quick_view Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via yith_quick_view Shortcode vulnerability discovered by zaim in WordPress Plugin YITH WooCommerce Quick View versions <= 2.7.0...
WordPress Mavix Education plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin Activation vulnerability
Missing Authorization to Authenticated Subscriber+ 'Creativ Demo Importer' Plugin Activation vulnerability discovered by Jonas Benjamin Friedli in WordPress Theme Mavix Education versions <= 1.0...
WordPress Mavix Education plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin Activation vulnerability
Software: Mavix Education; Type: Theme; Vulnerable versions: <= 1.0; Fixed in: 1.1; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE ID: CVE-2025-11164; Patchstack priority: Low; CVSS severity: 4.3; Required privilege: Subscriber; Developer: Claim ownership; PSID...
WordPress Header Footer Script Adder – Insert Code in Header, Body & Footer plugin <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Powpy in WordPress Plugin Header Footer Script Adder versions <= 2.0.5...
WordPress Emplibot plugin <= 1.0.9 - Authenticated (Admin+) Server-Side Request Forgery vulnerability
Authenticated Admin+ Server-Side Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Emplibot versions <= 1.0.9...
WordPress 404 Solution plugin <= 3.1.0 - Authenticated (Admin+) SQL Injection via 'filterText' Parameter vulnerability
Authenticated Admin+ SQL Injection via 'filterText' Parameter vulnerability discovered by Muhamad Visat in WordPress Plugin 404 Solution versions <= 3.1.0...
WordPress HT Slider for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin HT Slider For Elementor versions <= 1.7.4...
WordPress Design Import/Export plugin <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import vulnerability
Authenticated Administrator+ SQL Injection via XML File Import vulnerability discovered by ChamlaVic in WordPress Plugin Design Import/Export versions <= 2.2...
WordPress HAPPY – Helpdesk Support Ticket System plugin <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Ticket Reply vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin HAPPY versions <= 1.0.9...
WordPress Custom Post Type UI plugin <= 1.18.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via 'label' Import Parameter vulnerability discovered by type5afe in WordPress Plugin Custom Post Type UI versions <= 1.18.1...
WordPress Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Tracking Opt-In/Opt-Out Modification vulnerability discovered by Legion Hunter in WordPress Plugin Employee Spotlight versions <= 5.1.3...
WordPress Image Slider by Ays- Responsive Slider and Carousel plugin <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider Deletion vulnerability
Cross-Site Request Forgery to Arbitrary Slider Deletion vulnerability discovered by ChamlaVic in WordPress Plugin Image Slider by Ays versions <= 2.7.0...
WordPress GenerateBlocks plugin <= 2.1.2 - Authenticated (Contributor+) Information Exposure via Metadata vulnerability
Authenticated Contributor+ Information Exposure via Metadata vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin GenerateBlocks versions <= 2.1.2...
WordPress WPGraphQL Smart Cache plugin < 2.0.1 - Unauthenticated Private Content Disclosure vulnerability
Unauthenticated Private Content Disclosure vulnerability discovered by WPscan in WordPress Plugin WPGraphQL Smart Cache versions < 2.0.1...
WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Directory Pro versions <= 2.5.6...
WordPress Trinity Audio plugin <= 5.23.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Trinity Audio versions <= 5.23.3...
WordPress Fix Media Library plugin <= 2.0 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Fix Media Library versions <= 2.0...
WordPress Easy Property Listings plugin <= 3.5.20 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Easy Property Listings versions <= 3.5.20...
WordPress InstaWP Connect plugin <= 0.1.1.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin InstaWP Connect versions <= 0.1.1.9...
WordPress WPMasterToolKit (WPMTK) plugin <= 2.13.0 - Authenticated (Author+) Code Injection vulnerability
Authenticated Author+ Code Injection vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin WPMasterToolKit versions <= 2.13.0...
WordPress WP Webhooks plugin <= 3.3.8 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WP Webhooks versions <= 3.3.8...
WordPress Ultimate Auction plugin <= 4.3.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions <= 4.3.2...
WordPress Ultimate Auction plugin <= 4.3.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions <= 4.3.2...
WordPress Simple CSV Table plugin <= 1.0.1 - Directory Traversal to Authenticated (Contributor+) Arbitrary File Read vulnerability
Directory Traversal to Authenticated Contributor+ Arbitrary File Read vulnerability discovered by Ivan Cese in WordPress Plugin Simple CSV Table versions <= 1.0.1...
WordPress VikRentItems Flexible Rental Management System plugin <= 1.2.0 - Reflected Cross-Site Scripting via 'delto' Parameter vulnerability
Reflected Cross-Site Scripting via 'delto' Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin VikRentItems Flexible Rental Management System versions <= 1.2.0...
WordPress Fancy Product Designer plugin <= 6.4.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload vulnerability
Unauthenticated Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by WordFence in WordPress Plugin Fancy Product Designer versions <= 6.4.8...
WordPress Flow-Flow Social Feed Stream plugin 3.0.0-4.7.5 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by kr0d in WordPress Plugin Flow-Flow Social Stream versions 3.0.0-4.7.5...
WordPress Campay Woocommerce Payment Gateway plugin <= 1.2.2 - Unauthenticated Payment Bypass vulnerability
Unauthenticated Payment Bypass vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Campay Woocommerce Payment Gateway versions <= 1.2.2...
WordPress FunnelKit – Funnel Builder for WooCommerce Checkout plugin <= 3.13.1.5 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Marcin Dudek dudekmar - CERT.PL in WordPress Plugin Funnel Builder by FunnelKit versions <= 3.13.1.5...