Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-12-19
CVE-2025-12361 - And Loyalty Program Plugin
The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive information including user IDs, display names, and email addresses of all users on the site via the get_bank_accounts AJAX action. Passwords are not exposed.
PLUGIN
And Loyalty Program
CVE-2025-12361
Risk Score
Threat Entry
Updated 2025-12-19
CVE-2025-14151 - Slimstat Analytics Plugin
The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'outbound_resource' parameter in the slimtrack AJAX action in all versions up to, and including, 5.3.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Slimstat Analytics
CVE-2025-14151
Risk Score
Threat Entry
Updated 2025-12-19
CVE-2025-11747 - Colibri Page Builder Plugin
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the colibri_blog_posts shortcode in all versions up to, and including, 1.0.345 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Colibri Page Builder
CVE-2025-11747
Risk Score
Threat Entry
Updated 2025-12-19
CVE-2025-14449 - Ba Book Everything Plugin
The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's babe-search-form shortcode in all versions up to, and including, 1.8.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Ba Book Everything
CVE-2025-14449
Risk Score
Threat Entry
Updated 2025-12-19
CVE-2025-13999 - Audio Player Plugin
The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
PLUGIN
Audio Player
CVE-2025-13999
Risk Score
Threat Entry
Updated 2025-12-19
CVE-2025-13754 - Simply Schedule Appointments Booking Plugin
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.16. This is due to the plugin exposing its admin embed endpoint at `/wp-json/ssa/v1/embed-inner-admin` without authentication, which leaks plugin settings including staff names, business names, and configuration data that are not publicly displayed on the booking form. This makes it possible for unauthenticated attackers to extract private business configuration. In premium versions with integrations configured, this might also expose other sensitive data including API keys…
PLUGIN
Simply Schedule Appointments Booking
CVE-2025-13754
Risk Score
Threat Entry
Updated 2025-12-19
CVE-2025-13307 - Ocean Modal Window Plugin
The Ocean Modal Window WordPress plugin before 2.3.3 is vulnerable to Remote Code Execution via the modal display logic. These modals can be displayed under user-controlled conditions that Editors and Administrators can set (edit_pages capability). The conditions are then executed as part of an eval statement executed on every site page. This leads to remote code execution.
PLUGIN
Ocean Modal Window
CVE-2025-13307
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-14437 - Hummingbird Performance Plugin
The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials.
PLUGIN
Hummingbird Performance
CVE-2025-14437
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-14618 - Sweet Energy Efficiency Plugin
The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with subscriber level access and above, to read, modify, and delete arbitrary graphs.
PLUGIN
Sweet Energy Efficiency
CVE-2025-14618
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-14277 - Addons For Elementor Plugin
The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the import_elementor_template AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
PLUGIN
Addons For Elementor
CVE-2025-14277
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-13110 - Products Filter Professional For Woocommerce Plugin
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the "woof_add_subscr" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber level access and above, to create product messenger subscriptions on behalf of arbitrary users, including administrators.
PLUGIN
Products Filter Professional For Woocommerce
CVE-2025-13110
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-14364 - Demo Importer Plus Plugin
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handle_request() function in all versions up to, and including, 2.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger a full site reset, dropping all database tables except users/usermeta and re-running wp_install(), which also assigns the Administrator role to the attacking subscriber account.
PLUGIN
Demo Importer Plus
CVE-2025-14364
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-13730 - Daggerhart Openid Connect Generic Plugin
The OpenID Connect Generic Client plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'openid_connect_generic_auth_url' shortcode in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Daggerhart Openid Connect Generic
CVE-2025-13730
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-13641 - Nextgen Gallery Plugin
The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode parameter. This is due to insufficient path validation that allows absolute paths to be provided. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server, bypassing web server restrictions like .htaccess. Successful exploitation could lead to information disclosure, code execution in the WordPress context, and potential remote…
PLUGIN
Nextgen Gallery
CVE-2025-13641
Risk Score
Threat Entry
Updated 2026-01-20
CVE-2025-64231 - Contact Form 7 Plugin
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files.This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through
PLUGIN
Contact Form 7
CVE-2025-64231
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-12976 - Events Manager Plugin
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events_list_grouped' shortcode in all versions up to, and including, 7.2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Events Manager
CVE-2025-12976
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-13498 - Download Manager Plugin
The Download Manager plugin for WordPress is vulnerable to unauthorized access of sensitive information in all versions up to, and including, 3.3.32. This is due to missing authorization and capability checks on the `wpdm_media_access` AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve passwords and access control settings for protected media attachments, which can then be used to bypass the intended media protection and download restricted files.
PLUGIN
Download Manager
CVE-2025-13498
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-12885 - Powerpoint And Excel Files Plugin
The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sanitize_pdf_src function regex bypass in all versions up to, and including, 2.7.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Powerpoint And Excel Files
CVE-2025-12885
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-13537 - Free Wordpress Website Builder Plugin
The Live Composer – Free WordPress Website Builder plugin for WordPress is vulnerable to multiple Stored Cross-Site Scripting vulnerabilities via DOM manipulation in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Free Wordpress Website Builder
CVE-2025-13537
Risk Score
Threat Entry
Updated 2025-12-18
CVE-2025-14081 - Ultimate Member Plugin
The Ultimate Member plugin for WordPress is vulnerable to Profile Privacy Setting Bypass in all versions up to, and including, 2.11.0. This is due to a flaw in the secure fields mechanism where field keys are stored in the allowed fields list before the `required_perm` check is applied during rendering. This makes it possible for authenticated attackers with Subscriber-level access to modify their profile privacy settings (e.g., setting profile to "Only me") via direct parameter manipulation, even when the administrator has explicitly disabled the option for their role.
PLUGIN
Ultimate Member
CVE-2025-14081
Risk Score