Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
7181 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13069 | 2 Ideastocode, Wordpress | 2 Enable Svg, Webp & Ico Upload, Wordpress | 2025-11-19 | 8.8 High |
| The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.2. This is due to insufficient file type validation detecting ICO files, allowing double extension files with the appropriate magic bytes to bypass sanitization while being accepted as a valid ICO file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2025-12079 | 2 F1logic, Wordpress | 2 Wp Twitter Auto Publish, Wordpress | 2025-11-19 | 6.1 Medium |
| The WP Twitter Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.7.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2025-12078 | 2 Artibot, Wordpress | 2 Artibot, Wordpress | 2025-11-19 | 6.1 Medium |
| The ArtiBot Free Chat Bot for WebSites plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2025-12173 | 2 Winkm89, Wordpress | 2 Wp Admin Microblog, Wordpress | 2025-11-19 | 4.3 Medium |
| The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'wp-admin-microblog' page. This makes it possible for unauthenticated attackers to send messages on behalf of an administrator via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-12691 | 2 Sayontan, Wordpress | 2 Photonic Gallery & Lightbox, Wordpress | 2025-11-19 | 6.4 Medium |
| The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the injected page. | ||||
| CVE-2025-12775 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 8.8 High |
| The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 1.1.0 via the `ajax_upload_handle` function. This is due to the chunked upload functionality writing files directly to the uploads directory before any file type validation occurs. This makes it possible for authenticated attackers, with subscriber level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2025-12372 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 4.3 Medium |
| The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized administrative actions such as enabling or disabling automatic pinging settings and modifying page exclusion settings. | ||||
| CVE-2025-4212 | 2 Wordpress, Wpwham | 2 Wordpress, Checkout Files Upload For Woocommerce | 2025-11-18 | 7.2 High |
| The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in image files that will execute whenever a user accesses the injected page. | ||||
| CVE-2025-13133 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 6.6 Medium |
| The Simple User Import Export plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.1.7 via the 'Import/export users' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration | ||||
| CVE-2025-12961 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 4.3 Medium |
| The Download Panel plugin for WordPress is vulnerable to unauthorized settings modification due to a missing capability check on the 'wp_ajax_save_settings' AJAX action in all versions up to, and including, 1.3.3. This is due to the absence of any capability verification in the `dlpn_save_settings()` function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to arbitrarily modify plugin settings including display text, download links, button colors, and other visual customizations. | ||||
| CVE-2025-12481 | 2 Ninjateam, Wordpress | 2 Wp Duplicate Page, Wordpress | 2025-11-18 | 4.3 Medium |
| The WP Duplicate Page plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'saveSettings' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to modify plugin settings that control role capabilities, and subsequently exploit the misconfigured capabilities to duplicate and view password-protected posts containing sensitive information. | ||||
| CVE-2025-12088 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 6.4 Medium |
| The Meta Display Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Meta Display Block in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-7711 | 2 Techlabpro1, Wordpress | 2 Classified Listing Plugin, Wordpress | 2025-11-18 | 5.4 Medium |
| The The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. | ||||
| CVE-2025-12411 | 2 Premmerce, Wordpress | 2 Wholesale Pricing For Woocommerce, Wordpress | 2025-11-18 | 7.1 High |
| The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and including, 1.1.10. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber level access and above, to manipulate SQL queries that can be used to extract sensitive information from the database and modify price type display names in the database via the admin-post.php "premmerce_update_price_type" action, causing cosmetic corruption of the admin interface. The 'price_type' parameter of the "premmerce_delete_price_type" is also vulnerable. | ||||
| CVE-2025-12524 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 5.4 Medium |
| The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type of arbitrary posts and pages they do not own, including those created by administrators, which can lead to site disruption, broken navigation, and SEO impact. | ||||
| CVE-2025-11620 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 7.2 High |
| The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpu_add_multiple_roles_ui' and 'mrpu_save_multiple_user_roles' functions in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, granted the 'edit_users' capability, to edit any user's role, including promoting users to Administrator and demoting Administrators to lower-privileged roles. | ||||
| CVE-2025-9625 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 4.3 Medium |
| The Coil Web Monetization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the coil-get-css-selector parameter handling in the maybe_restrict_content function. This makes it possible for unauthenticated attackers to trigger CSS selector detection functionality via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-12823 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 6.4 Medium |
| The CSV to SortTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csv' shortcode in all versions up to, and including, 4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-12404 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 6.1 Medium |
| The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the likeit_conf() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-12962 | 1 Wordpress | 1 Wordpress | 2025-11-18 | 6.4 Medium |
| The Local Syndication plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5a via the `url` parameter in the `[syndicate_local]` shortcode. This is due to the use of `wp_remote_get()` instead of `wp_safe_remote_get()` which lacks protections against requests to internal/private IP addresses and localhost. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services, scan internal networks, and access resources that should not be accessible from external networks. | ||||