Filtered by vendor Wordpress
Total 10835 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-12788 2 Themefic, Wordpress 2 Hydra Booking, Wordpress 2025-11-14 5.3 Medium
The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to unauthenticated payment bypass due to missing payment verification in all versions up to, and including, 1.1.27. This is due to the plugin accepting client-controlled payment confirmation data in the tfhb_meeting_paypal_payment_confirmation_callback function without server-side verification with PayPal's API. This makes it possible for unauthenticated attackers to bypass payment requirements and confirm bookings as paid without any actual payment transaction occurring.
CVE-2025-12846 2 Creativethemes, Wordpress 2 Blocksy Companion, Wordpress 2025-11-14 8.8 High
The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 2.1.19. This is due to insufficient file type validation when detecting SVG files, allowing double extension files to bypass sanitization while being accepted as a valid SVG file. This makes it possible for authenticated attackers, with author level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-12901 2 Asgaros, Wordpress 2 Asgaros Forum, Wordpress 2025-11-14 4.3 Medium
The Asgaros Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing nonce validation on the set_subscription_level() function. This makes it possible for unauthenticated attackers to modify the subscription settings of authenticated users via a forged request, granted they can trick a logged-in user into performing an action such as clicking on a link.
CVE-2025-12633 2 Stellarwp, Wordpress 2 Booking Calendar, Wordpress 2025-11-14 7.5 High
The Booking Calendar | Appointment Booking | Bookit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/bookit/v1/commerce/stripe/return' REST API Endpoint in all versions up to, and including, 2.5.0. This makes it possible for unauthenticated attackers to connect their Stripe account and receive payments.
CVE-2025-12113 1 Wordpress 1 Wordpress 2025-11-14 4.3 Medium
The Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the atgai_delete_api_key() function in all versions up to, and including, 1.8.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the API key connected to the site.
CVE-2025-7663 2 Ovatheme, Wordpress 2 Events Manager Plugin, Wordpress 2025-11-13 6.5 Medium
The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /class-ovaem-ajax.php file in all versions up to, and including, 1.8.6. This makes it possible for unauthenticated attackers to delete ticket files, download tickets, and more.
CVE-2025-9587 1 Wordpress 1 Wordpress 2025-11-13 8.6 High
The CTL Behance Importer Lite WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
CVE-2025-9111 2 Quantumcloud, Wordpress 2 Wpbot, Wordpress 2025-11-13 3.5 Low
The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVE-2025-8282 2 Sureforms, Wordpress 2 Sureforms, Wordpress 2025-11-13 3.5 Low
The SureForms WordPress plugin before 1.9.1 does not sanitise and escape some parameters when outputting them in the page, which could allow admin and above users to perform Cross-Site Scripting attacks.
CVE-2024-5200 1 Wordpress 1 Wordpress 2025-11-13 4.8 Medium
The Postie WordPress plugin before 1.9.71 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVE-2025-11855 1 Wordpress 1 Wordpress 2025-11-13 7.5 High
The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the age_restrictionRemoteSupportRequest function, allowing any authenticated user, such as a subscriber, to create an admin user with a hardcoded username and arbitrary password.
CVE-2025-11307 2 Wordpress, Wpgmaps 2 Wordpress, Wp Go Maps 2025-11-13 8.8 High
The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.48 does not sanitize user input provided via an AJAX action, allowing unauthenticated users to store XSS payloads which are later retrieved from another AJAX call and output unescaped.
CVE-2025-47444 2 Liquidweb, Wordpress 2 Givewp, Wordpress 2025-11-13 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows Retrieve Embedded Sensitive Data. This issue affects GiveWP: from n/a before 4.6.1.
CVE-2025-11237 1 Wordpress 1 Wordpress 2025-11-12 5.3 Medium
The Make Email Customizer for WooCommerce WordPress plugin through 1.0.6 lacks proper authorization checks and option validation in its AJAX actions, allowing any authenticated user, such as a Subscriber, to update arbitrary WordPress options.
CVE-2025-12018 2 Sourcefound, Wordpress 2 Membershipworks, Wordpress 2025-11-12 4.4 Medium
The MembershipWorks – Membership, Events & Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
CVE-2025-11994 2 Wordpress, Yudiz 2 Wordpress, Easy Email Subscription 2025-11-12 7.2 High
The Easy Email Subscription plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2025-12903 3 Mrclayton, Woocommerce, Wordpress 3 Payment Plugins Braintree For Woocommerce, Woocommerce, Wordpress 2025-11-12 7.5 High
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaulted_nonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with permission_callback set to __return_true and processing user-supplied token IDs without verifying ownership or authentication. This makes it possible for unauthenticated attackers to retrieve payment method nonces for any stored payment token in the system, which can be used to create fraudulent transactions, charge customer credit cards, or attach payment methods to other subscriptions.
CVE-2025-11454 1 Wordpress 1 Wordpress 2025-11-12 6.5 Medium
The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eos_scfm_duplicate_post_as_draft() function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2025-12732 2 Smackcoders, Wordpress 3 Ultimate Csv Importer, Wp Ultimate Csv Importer, Wordpress 2025-11-12 4.3 Medium
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of sensitive information due to a missing authorization check on the showsetting() function in all versions up to, and including, 7.33. This makes it possible for authenticated attackers, with Author-level access or higher, to extract sensitive information including OpenAI API keys configured through the plugin's admin interface.
CVE-2025-11894 1 Wordpress 1 Wordpress 2025-11-12 5.3 Medium
The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to modify several of the plugin's settings like the ServerKey and LicenseKey.