Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-10-21
CVE-2025-11361 - Essential Blocks Plugin
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.7.1 via the eb_save_ai_generated_image function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
PLUGIN
Essential Blocks
CVE-2025-11361
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11378 - Avif Plugin
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixel_ajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to export and import site options.
PLUGIN
Avif
CVE-2025-11378
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11895 - Binary Mlm Plan Plugin
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 3.0. This is due to the bmp_user_payout_detail_of_current_user() function selecting payout records solely by id without verifying ownership. This makes it possible for authenticated attackers with the bmp_user role (often subscribers) to view other members' payout summaries via direct requests to the /bmp-account-detail/ endpoint with a crafted payout-id parameter granted they can access the shortcode output.
PLUGIN
Binary Mlm Plan
CVE-2025-11895
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10850 - Felan Framework Plugin
The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fb_ajax_login_or_register' function and in the 'google_ajax_login_or_register' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, if they registered with facebook or google social login and did not change their password.
PLUGIN
Felan Framework
CVE-2025-10850
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10742 - Truelysell Core Plugin
The Truelysell Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.8.6. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. Note: This can only be exploited unauthenticated if the attacker knows which page contains the 'truelysell_edit_staff' shortcode.
PLUGIN
Truelysell Core
CVE-2025-10742
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10849 - Felan Framework Plugin
The Felan Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_plugin_actions' function called via an AJAX action in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to activate or deactivate arbitrary plugins.
PLUGIN
Felan Framework
CVE-2025-10849
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11814 - Ultimate Addons For Wpbakery Plugin
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to 3.21.1 (exclusive) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Ultimate Addons For Wpbakery
CVE-2025-11814
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10700 - Usability Plugin
The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the enable_unfiltered_files_upload function. This makes it possible for unauthenticated attackers to enable unfiltered file upload and add svg files to the upload list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
PLUGIN
Usability
CVE-2025-10700
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-9967 - Orion Sms Otp Verification Plugin
The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's password to a one-time password if the attacker knows the user's phone number
PLUGIN
Orion Sms Otp Verification
CVE-2025-9967
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11722 - Accordion Panel For Category And Products Plugin
The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'categoryaccordionpanel' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
PLUGIN
Accordion Panel For Category And Products
CVE-2025-11722
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11728 - Oceanpayment Creditcard Gateway Plugin
The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the 'return_payment' and 'notice_payment' functions in all versions up to, and including, 6.0. This makes it possible for unauthenticated attackers to update WooCommerce orders to 'failed' status, and update transaction IDs.
PLUGIN
Oceanpayment Creditcard Gateway
CVE-2025-11728
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11177 - External Login Plugin
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database when a PostgreSQL or MSSQL database is configured as the external authentication database.
PLUGIN
External Login
CVE-2025-11177
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11365 - Wp Google Map Plugin
The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'google_map' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Wp Google Map
CVE-2025-11365
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11701 - Zip Attachments Plugin
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the za_create_zip_callback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to download attachments from private and password-protected posts.
PLUGIN
Zip Attachments
CVE-2025-11701
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11692 - Zip Attachments Plugin
The Zip Attachments plugin for WordPress is vulnerable to unauthorized loss of data due to a missing authorization and capability checks on the download.php file in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to delete arbitrary files from the current wp_upload_dir directory.
PLUGIN
Zip Attachments
CVE-2025-11692
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11196 - External Login Plugin
The External Login plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.11.2 due to the 'exlog_test_connection' AJAX action lacking capability checks or nonce validation. This makes it possible for authenticated attackers, with subscriber-level access and above, to query the configured external database and retrieve truncated usernames, email addresses, and password hashes via the diagnostic test results view.
PLUGIN
External Login
CVE-2025-11196
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10743 - Outdoor Plugin
The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all versions up to, and including, 1.3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Outdoor
CVE-2025-10743
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10754 - Docodoco Store Locator Plugin
The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Editor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
PLUGIN
Docodoco Store Locator
CVE-2025-10754
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10730 - Wp Tabber Widget Plugin
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Wp Tabber Widget
CVE-2025-10730
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10682 - Tariffuxx Plugin
The TARIFFUXX plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4. This is due to insufficient neutralization of user-supplied input used directly in SQL queries. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject additional SQL into queries and extract sensitive information from the database via a crafted id attribute in the 'tariffuxx_configurator' shortcode.
PLUGIN
Tariffuxx
CVE-2025-10682
Risk Score