Lucene search
+L

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 22, 2025 to September 28, 2025)

🗓️ 02 Oct 2025 14:22:50Reported by Chloe ChamberlandType 
wordfence
 wordfence
🔗 www.wordfence.com👁 21 Views

Wordfence Intelligence Weekly report notes 441 vulnerabilities across 393 plugins and 16 themes.

Related
ReporterTitlePublishedViews
Family
Vulnrichment
CVE-2025-58648 WordPress Simple JWT Login plugin <= 3.6.4 - Cross Site Scripting (XSS) vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58649 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Sensitive Data Exposure Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58650 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58651 WordPress PlayerJS Plugin <= 2.24 - Cross Site Scripting (XSS) Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58652 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58653 WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58654 WordPress xili-language Plugin <= 2.21.3 - Cross Site Scripting (XSS) Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58655 WordPress Category Featured Images Plugin <= 1.1.8 - Cross Site Scripting (XSS) Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58656 WordPress Estonian Shipping Methods for WooCommerce Plugin <= 1.7.2 - Sensitive Data Exposure Vulnerability
22 Sep 202518:23
vulnrichment
Vulnrichment
CVE-2025-58657 WordPress Grid plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerability
22 Sep 202518:23
vulnrichment
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation