
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 3,183 records (Critical 181, High 648, Medium 2,330)
Threat Entry Updated 2025-11-25

CVE-2025-13526 - Changeset Plugin

The OneClick Chat to Order plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.8 via the 'wa_order_thank_you_override' function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view sensitive customer information including names, email addresses, phone numbers, billing/shipping addresses, order contents, and payment methods by simply changing the order ID in the URL.

PLUGIN Changeset

CVE-2025-13526

HIGH CVSS 7.5 2025-11-22
Threat Entry Updated 2025-12-04

CVE-2025-12877 - Changeset Plugin

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the panding_blood_request_action() function in all versions up to, and including, 2.1.15. This makes it possible for unauthenticated attackers to delete arbitrary posts.

PLUGIN Changeset

CVE-2025-12877

MEDIUM CVSS 5.3 2025-11-22
Threat Entry Updated 2025-11-21

CVE-2025-12935 - Changeset Plugin

The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fluentcrm_content' shortcode in all versions up to, and including, 2.9.84 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Changeset

CVE-2025-12935

MEDIUM CVSS 6.4 2025-11-21
Threat Entry Updated 2025-11-26

CVE-2025-10054 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh_crm_remove_agent' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to remove the role and capabilities of any user with an Administrator, WSDesk Supervisor, or WSDesk Agents role.

PLUGIN Changeset

CVE-2025-10054

MEDIUM CVSS 5.3 2025-11-21
Threat Entry Updated 2025-11-26

CVE-2025-10039 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.9 via the 'eh_crm_ticket_single_view_client' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of all support tickets.

PLUGIN Changeset

CVE-2025-10039

MEDIUM CVSS 4.3 2025-11-21
Threat Entry Updated 2025-11-21

CVE-2025-13156 - Changeset Plugin

The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the insert_media_attachment() function in all versions up to, and including, 3.3.0. This is due to the save_update_category_img() function accepting user-supplied file types without validation when processing category images. This makes it possible for authenticated attackers, with subscriber level access and above, to upload arbitrary files on the affected site's server which makes remote code execution possible.

PLUGIN Changeset

CVE-2025-13156

HIGH CVSS 8.8 2025-11-21
Threat Entry Updated 2025-11-21

CVE-2025-13141 - Changeset Plugin

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name whitelist allowing dangerous tags like 'script', 'iframe', and 'object' to be injected even though tag_escape() is used for sanitization. While some blocks use esc_html() for content, this can be bypassed using JavaScript encoding techniques (unquoted strings, backticks, String.fromCharCode()). This makes…

PLUGIN Changeset

CVE-2025-13141

MEDIUM CVSS 6.4 2025-11-21
Threat Entry Updated 2026-01-26

CVE-2025-12746 - Changeset Plugin

The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PLUGIN Changeset

CVE-2025-12746

MEDIUM CVSS 6.1 2025-11-21
Threat Entry Updated 2025-11-21

CVE-2025-11815 - Changeset Plugin

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the uip_save_site_option() function in all versions up to, and including, 3.5.08. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary plugin settings. Other AJAX actions are also affected.

PLUGIN Changeset

CVE-2025-11815

MEDIUM CVSS 4.3 2025-11-21
Threat Entry Updated 2025-11-26

CVE-2025-11456 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the eh_crm_new_ticket_post() function in all versions up to, and including, 3.3.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Changeset

CVE-2025-11456

CRITICAL CVSS 9.8 2025-11-21
Threat Entry Updated 2025-12-03

CVE-2025-12169 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_eh_crm_settings_empty_scheduled_actions' AJAX Action in all versions up to, and including, 3.3.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to clear the scheduled triggers option.

PLUGIN Changeset

CVE-2025-12169

MEDIUM CVSS 4.3 2025-11-21
Threat Entry Updated 2025-12-03

CVE-2025-12085 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh_crm_settings_empty_trash' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to empty the ticket trash.

PLUGIN Changeset

CVE-2025-12085

MEDIUM CVSS 4.3 2025-11-21
Threat Entry Updated 2025-12-03

CVE-2025-12023 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_crm_restore_data() function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to restore tickets.

PLUGIN Changeset

CVE-2025-12023

MEDIUM CVSS 4.3 2025-11-21
Threat Entry Updated 2025-12-03

CVE-2025-12022 - Changeset Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh_crm_settings_restore_trash' AJAX endpoint in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to restore all deleted tickets.

PLUGIN Changeset

CVE-2025-12022

MEDIUM CVSS 4.3 2025-11-21
Threat Entry Updated 2025-11-21

CVE-2025-12778 - Changeset Plugin

The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_filter_users function in all versions up to, and including, 2.3. This makes it possible for unauthenticated attackers to extract partial metadata of all WordPress users, including their first name, last name and email addresses.

PLUGIN Changeset

CVE-2025-12778

MEDIUM CVSS 5.3 2025-11-20
Threat Entry Updated 2025-11-26

CVE-2025-13206 - Changeset Plugin

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 4.13.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Avatars must be enabled in the WordPress install in order to exploit the vulnerability.

PLUGIN Changeset

CVE-2025-13206

HIGH CVSS 7.2 2025-11-19
Threat Entry Updated 2025-11-19

CVE-2025-13085 - Changeset Plugin

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolve_variables() AJAX handler. This makes it possible for authenticated attackers with the siteseo_manage capability (e.g., Author-level users who have been granted SiteSEO access by an administrator) to read arbitrary post metadata from any post, page, attachment, or WooCommerce order they cannot edit, via the custom field variable resolution feature granted they have been given…

PLUGIN Changeset

CVE-2025-13085

MEDIUM CVSS 4.3 2025-11-19
Threat Entry Updated 2025-11-19

CVE-2025-13145 - Changeset Plugin

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.33.1. This is due to deserialization of untrusted data supplied via CSV file imports in the import_single_post_as_csv function within SingleImportExport.php. This makes it possible for authenticated attackers, with administrator-level access or higher, to inject a PHP object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve…

PLUGIN Changeset

CVE-2025-13145

HIGH CVSS 7.2 2025-11-19
Threat Entry Updated 2025-11-19

CVE-2025-13054 - Changeset Plugin

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wppb-embed shortcode in all versions up to, and including, 3.14.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Changeset

CVE-2025-13054

MEDIUM CVSS 6.4 2025-11-19