Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-10-21
CVE-2025-10916 - Before 1 Plugin
The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.
PLUGIN
Before 1
CVE-2025-10916
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11536 - Bdthemes Element Pack Lite Plugin
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wp_ajax_import_elementor_template action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
PLUGIN
Bdthemes Element Pack Lite
CVE-2025-11536
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11926 - Related Posts Lite Plugin
The Related Posts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
PLUGIN
Related Posts Lite
CVE-2025-11926
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-9890 - Theme Editor Plugin
The Theme Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0. This is due to missing or incorrect nonce validation on the 'theme_editor_theme' page. This makes it possible for unauthenticated attackers to achieve remote code execution via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
PLUGIN
Theme Editor
CVE-2025-9890
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11256 - Kognetiks Chatbot Plugin
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversations.
PLUGIN
Kognetiks Chatbot
CVE-2025-11256
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-10750 - Embed Power Bi Reports Plugin
The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the 'testUser' endpoint accessible via the mo_epbr_admin_observer() function hooked on 'init'. This makes it possible for unauthenticated attackers to access sensitive Azure AD user information including personal identifiable information (PII) such as displayName, mail, phones, department, or detailed OAuth error data including Azure AD Application/Client IDs, error codes, trace IDs, and correlation IDs.
PLUGIN
Embed Power Bi Reports
CVE-2025-10750
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-9562 - Wpcf7 Redirect Plugin
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's qs_date shortcode in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Wpcf7 Redirect
CVE-2025-9562
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11741 - Wpc Smart Quick View For Woocommerce Plugin
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.2.5 via the 'woosq_quickview' AJAX endpoint due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft products that they should not have access to.
PLUGIN
Wpc Smart Quick View For Woocommerce
CVE-2025-11741
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11391 - Woocommerce Product Addon Plugin
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. While the vulnerable code is in the free version, this only affected users with the paid version of the software installed and activated.
PLUGIN
Woocommerce Product Addon
CVE-2025-11391
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11691 - Woocommerce Product Addon Plugin
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the PPOM_Meta::get_fields_by_id() function in all versions up to, and including, 33.0.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This is only exploitable when the Enable Legacy Price Calculations setting is enabled.
PLUGIN
Woocommerce Product Addon
CVE-2025-11691
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11517 - Event Tickets And Registration Plugin
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment. This makes it possible for unauthenticated attackers to obtain access to paid tickets, without paying for them, causing a loss of revenue for the target.
PLUGIN
Event Tickets And Registration
CVE-2025-11517
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11519 - Image Optimization Plugin
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the /wp-json/optml/v1/move_image REST API endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to offload media that doesn't belong to them.
PLUGIN
Image Optimization
CVE-2025-11519
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11510 - File Manager Plugin
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /filebird/v1/fb-wipe-clear-all-data function in all versions up to, and including, 6.4.9. This makes it possible for authenticated attackers, with author-level access and above, to reset all of the plugin's configuration data.
PLUGIN
File Manager
CVE-2025-11510
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11372 - Wordpress Lms Plugin
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data in all versions up to, and including, 4.2.9.2. This is due to missing capability checks on the Admin Tools REST endpoints which are registered with permission_callback set to __return_true. This makes it possible for unauthenticated attackers to perform destructive database operations including dropping indexes on any table (including WordPress core tables like wp_options), creating duplicate configuration entries, and degrading site performance via the /wp-json/lp/v1/admin/tools/create-indexs endpoint granted they can provide table names.
PLUGIN
Wordpress Lms
CVE-2025-11372
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11270 - Patterns Plugin
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titleTag' attribute in all versions up to, and including, 5.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Patterns
CVE-2025-11270
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-10187 - Wordpress Text To Speech Plugin
The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Wordpress Text To Speech
CVE-2025-10187
Risk Score
Threat Entry
Updated 2025-11-26
CVE-2025-10006 - Page Builder Plugin
The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rev_slider_vc' shortcode in all versions up to, and including, 8.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when RevSlider is also installed.
PLUGIN
Page Builder
CVE-2025-10006
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11857 - Fb2wp Integration Tools Plugin
The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mxp_fb2wp_display_embed' shortcode in all versions up to, and including, 1.9.9. This is due to the plugin not properly sanitizing user input and output of the 'post_id' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Fb2wp Integration Tools
CVE-2025-11857
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11742 - Wpc Smart Wishlist For Woocommerce Plugin
The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wishlist_quickview' AJAX action in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's wishlist data and information.
PLUGIN
Wpc Smart Wishlist For Woocommerce
CVE-2025-11742
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11738 - Media Library Assistant Plugin
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can contain sensitive information.
PLUGIN
Media Library Assistant
CVE-2025-11738
Risk Score