Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 14,273 | Critical: 855 | High: 2,814 | Medium: 10,408
Showing 4101-4120 of 14273 records
Threat Entry Updated 2025-06-05

CVE-2025-3055 - Wp User Frontend Pro Plugin

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_avatar_ajax() function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

PLUGIN Wp User Frontend Pro

CVE-2025-3055

HIGH CVSS 8.1 2025-06-05
Threat Entry Updated 2025-06-05

CVE-2025-3054 - Wp User Frontend Pro Plugin

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Please note that this requires the 'Private Message' module to be enabled and the Business version of the PRO software to be in use.

PLUGIN Wp User Frontend Pro

CVE-2025-3054

HIGH CVSS 8.8 2025-06-05
Threat Entry Updated 2025-07-11

CVE-2025-5482 - Sunshine Photo Cart Plugin

The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. This is due to the plugin not properly validating a user-supplied key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary users' passwords through the password reset functionality, including administrators', and leverage that to reset the user's password and gain access to their account.

PLUGIN Sunshine Photo Cart

CVE-2025-5482

HIGH CVSS 8.8 2025-06-04
Threat Entry Updated 2025-06-04

CVE-2025-4578 - File Provider Plugin

The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

PLUGIN File Provider

CVE-2025-4578

CRITICAL CVSS 9.8 2025-06-04
Threat Entry Updated 2025-06-04

CVE-2025-4580 - File Provider Plugin

The File Provider WordPress plugin through 1.2.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.

PLUGIN File Provider

CVE-2025-4580

MEDIUM CVSS 4.3 2025-06-04
Threat Entry Updated 2025-07-10

CVE-2025-5539 - Wp Easy Contact Plugin

The Simple Contact Form Plugin for WordPress – WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Wp Easy Contact

CVE-2025-5539

MEDIUM CVSS 6.4 2025-06-04
Threat Entry Updated 2025-06-04

CVE-2025-5532 - Student Directory Plugin

The Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Student Directory

CVE-2025-5532

MEDIUM CVSS 6.4 2025-06-04
Threat Entry Updated 2025-06-04

CVE-2025-5531 - Team Directory Plugin

The Employee Directory – Staff Listing & Team Directory Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Team Directory

CVE-2025-5531

MEDIUM CVSS 6.4 2025-06-04
Threat Entry Updated 2025-06-04

CVE-2025-5340 - Music Player For Elementor Plugin

The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘album_buy_url’ parameter in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Music Player For Elementor

CVE-2025-5340

MEDIUM CVSS 6.4 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4671 - Profile Builder Plugin

The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's user_meta and compare shortcodes in all versions up to, and including, 3.13.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Profile Builder

CVE-2025-4671

MEDIUM CVSS 6.4 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4205 - Popup Maker Plugin

The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'popupID' parameter in all versions up to, and including, 1.20.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Popup Maker

CVE-2025-4205

MEDIUM CVSS 6.4 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4392 - Shared Files Plugin

The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML file uploads in all versions up to, and including, 1.7.48 due to insufficient input sanitization and output escaping within the sanitize_file() function. This makes it possible for unauthenticated attackers to bypass the plugin's MIME-only checks and inject arbitrary web scripts in pages that will execute whenever a user accesses the HTML file.

PLUGIN Shared Files

CVE-2025-4392

HIGH CVSS 7.2 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-5116 - Wp Plugin Info Card

The WP Plugin Info Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerid’ parameter in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue is due to an incomplete patch for CVE-2025-31835.

PLUGIN Wp Plugin Info Card

CVE-2025-5116

MEDIUM CVSS 6.4 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4420 - Vayu Blocks Plugin

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerWidth’ parameter in all versions up to, and including, 1.3.1 due to a missing capability check on the vayu_blocks_option_panel_callback() function and insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Vayu Blocks

CVE-2025-4420

MEDIUM CVSS 6.4 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-1725 - File Manager Plugin

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

PLUGIN File Manager

CVE-2025-1725

MEDIUM CVSS 6.4 2025-06-03
Threat Entry Updated 2025-07-10

CVE-2025-5103 - Ultimate Gift Cards For Woocommerce Plugin

The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to boolean-based SQL Injection via the 'default_price' and 'product_id' parameters in all versions up to, and including, 3.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Ultimate Gift Cards For Woocommerce

CVE-2025-5103

MEDIUM CVSS 4.9 2025-06-03
Threat Entry Updated 2025-06-05

CVE-2025-3662 - Fancybox For Plugin

The FancyBox for WordPress plugin before 3.3.6 does not escape caption and title attributes before using them to populate galleries' caption fields. The issue was received as a Contributor+ Stored XSS; however, one of our researchers (Marc Montpas) escalated it to an Unauthenticated Stored XSS.

PLUGIN Fancybox For

CVE-2025-3662

MEDIUM CVSS 6.1 2025-06-03
Threat Entry Updated 2025-08-01

CVE-2025-4567 - Post Slider And Post Carousel With Post Vertical Scrolling Widget Plugin

The Post Slider and Post Carousel with Post Vertical Scrolling Widget WordPress plugin before 3.2.10 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

PLUGIN Post Slider And Post Carousel With Post Vertical Scrolling Widget

CVE-2025-4567

MEDIUM CVSS 4.8 2025-06-03
Threat Entry Updated 2025-06-05

CVE-2025-3584 - Before 8 Plugin

The Newsletter WordPress plugin before 8.8.2 does not sanitise and escape some of its Subscription settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

PLUGIN Before 8

CVE-2025-3584

MEDIUM CVSS 4.8 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4224 - Wpforo Advanced Attachments Plugin

The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Wpforo Advanced Attachments

CVE-2025-4224

HIGH CVSS 7.2 2025-06-03