Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-10-14
CVE-2025-11197 - Draft List Plugin
The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Draft List
CVE-2025-11197
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-10185 - Nex Forms Express Wp Form Builder Plugin
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in the action nf_load_form_entries in all versions up to, and including, 9.1.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This may be exploitable by lower-level users…
PLUGIN
Nex Forms Express Wp Form Builder
CVE-2025-10185
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-10048 - My Auctions Allegro Plugin
The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 3.6.31 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
My Auctions Allegro
CVE-2025-10048
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-9560 - Colibri Page Builder Plugin
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's colibri_newsletter shortcode in all versions up to, and including, 1.0.334 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Colibri Page Builder
CVE-2025-9560
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11380 - Cloning Plugin
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to retrieve back-up file locations that can be subsequently accessed and downloaded. This does require a back-up to be running in order for an attacker to retrieve the back-up location.
PLUGIN
Cloning
CVE-2025-11380
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-7781 - Wp Jobhunt Plugin
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘cs_job_title’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Wp Jobhunt
CVE-2025-7781
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-7374 - Wp Jobhunt Plugin
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to authorization bypass in all versions up to, and including, 7.6. This is due to insufficient login restrictions on inactive and pending accounts. This makes it possible for authenticated attackers, with Candidate- and Employer-level access and above, to log in to the site even if their account is inactive or pending.
PLUGIN
Wp Jobhunt
CVE-2025-7374
Risk Score
Threat Entry
Updated 2025-11-13
CVE-2025-10124 - Booking Manager Plugin
The Booking Manager WordPress plugin before 2.1.15 registers a shortcode that deletes bookings and makes that shortcode available to anyone with contributor and above privileges. When a page containing the shortcode is visited, the bookings are deleted.
PLUGIN
Booking Manager
CVE-2025-10124
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-10249 - Slider Revolution Plugin
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files.
PLUGIN
Slider Revolution
CVE-2025-10249
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-10862 - Popup Builder Block Plugin
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Popup Builder Block
CVE-2025-10862
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-7634 - Wp Travel Engine Plugin
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
PLUGIN
Wp Travel Engine
CVE-2025-7634
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-7526 - Wp Travel Engine Plugin
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
PLUGIN
Wp Travel Engine
CVE-2025-7526
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-6038 - Lisfinity Wordpress Theme Plugin
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including those of administrators.
PLUGIN
Lisfinity Wordpress Theme
CVE-2025-6038
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-11166 - Wp Google Maps Plugin
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46. This is due to the plugin exposing state-changing REST actions through an AJAX bridge without proper CSRF token validation, and having destructive logic reachable via GET requests with no permission_callback. This makes it possible for unauthenticated attackers to force logged-in administrators to create, update, or delete markers and geometry features via CSRF attacks, and allows anonymous users to trigger mass deletion of markers via…
PLUGIN
Wp Google Maps
CVE-2025-11166
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-10586 - Community Events Plugin
The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’ parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Community Events
CVE-2025-10586
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-10496 - Cookie Notice Consent Plugin
The Cookie Notice & Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uuid parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Cookie Notice Consent
CVE-2025-10496
Risk Score
Threat Entry
Updated 2025-10-08
CVE-2025-10649 - Welcart E Commerce Plugin
The Welcart e-Commerce plugin for WordPress is vulnerable to SQL Injection via the cookie in all versions up to, and including, 2.11.21 due to insufficient escaping on the user supplied value and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Author-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Welcart E Commerce
CVE-2025-10649
Risk Score
Threat Entry
Updated 2025-10-08
CVE-2025-11171 - Chart Builder Plugin
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter, without any nonce or capability checks. This makes it possible for unauthenticated attackers to execute administrative functions via the wp-admin/admin-ajax.php endpoint granted they can identify callable method names.
PLUGIN
Chart Builder
CVE-2025-11171
Risk Score
Threat Entry
Updated 2025-10-08
CVE-2025-10635 - Through 2 Plugin
The Find Me On WordPress plugin through 2.0.9.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers and above to perform SQL injection attacks
PLUGIN
Through 2
CVE-2025-10635
Risk Score
Threat Entry
Updated 2025-10-08
CVE-2025-11204 - Custom Registration Form Builder With Submission Manager Plugin
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 6.0.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. An unauthenticated attacker could utilize an injected Cross-Site Scripting via user-agent…
PLUGIN
Custom Registration Form Builder With Submission Manager
CVE-2025-11204
Risk Score