
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 14,273
Critical: 855
High: 2,814
Medium: 10,408

Showing 4121-4140 of 14273 records
Threat Entry Updated 2025-07-10

CVE-2025-2939 - Ninja Tables Plugin

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.0.18 via deserialization of untrusted input from the args[callback] parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to execute arbitrary functions, though it does not allow user-supplied parameters; only single functions can be called, so the impact is limited.

PLUGIN Ninja Tables

CVE-2025-2939

MEDIUM CVSS 5.6 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4047 - Broken Link Checker Plugin

The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status.

PLUGIN Broken Link Checker

CVE-2025-4047

MEDIUM CVSS 4.3 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-3919 - Comments Import Export Woocommerce Plugin

The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings function in all versions up to, and including, 2.4.3. Additionally, the plugin fails to properly sanitize and escape FTP settings parameters. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts on the plugin settings page that will execute whenever an administrative user accesses an injected page. The vulnerability was partially fixed in version 2.4.3 and fully fixed…

PLUGIN Comments Import Export Woocommerce

CVE-2025-3919

MEDIUM CVSS 6.4 2025-06-02
Threat Entry Updated 2025-06-09

CVE-2025-1485 - Eprivacy Cookie Consent Plugin

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

PLUGIN Eprivacy Cookie Consent

CVE-2025-1485

MEDIUM CVSS 4.8 2025-06-02
Threat Entry Updated 2025-06-09

CVE-2025-3951 - Before 4 Plugin

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations.

PLUGIN Before 4

CVE-2025-3951

MEDIUM CVSS 4.1 2025-06-02
Threat Entry Updated 2025-07-10

CVE-2025-4857 - Newsletters Plugin

The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

PLUGIN Newsletters

CVE-2025-4857

HIGH CVSS 7.2 2025-05-31
Threat Entry Updated 2026-01-23

CVE-2025-4691 - Easync Plugin

The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.21 via 'view_request_details', due to missing validation on a user-controlled key. This makes it possible for unauthenticated attackers to view the details of any booking request. The vulnerability was partially patched in versions 1.3.18 and 1.3.21.

PLUGIN Easync

CVE-2025-4691

MEDIUM CVSS 5.3 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-5290 - Elementor Addons And Templates Plugin

The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Elementor Addons And Templates

CVE-2025-5290

MEDIUM CVSS 6.4 2025-05-31
Threat Entry Updated 2025-07-11

CVE-2025-3813 - Royal Elementor Addons Plugin

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_elementor_data’ parameter in all versions up to, and including, 1.7.1020 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Royal Elementor Addons

CVE-2025-3813

MEDIUM CVSS 6.4 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-4631 - Profitori Plugin

The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktend_object endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the save_object_as_user() function for objects whose '_datatype' is set to 'users'. This allows unauthenticated attackers to write arbitrary strings straight into the user's wp_capabilities meta field, potentially elevating the privileges of an existing user account or a newly created one to that of an administrator.

PLUGIN Profitori

CVE-2025-4631

CRITICAL CVSS 9.8 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-4607 - Psw Login And Registration Plugin

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.12 via the customer_registration() function. This is due to the use of a weak, low-entropy OTP mechanism in the forget() function. This makes it possible for unauthenticated attackers to initiate a password reset for any user, including administrators, and elevate their privileges for full site takeover.

PLUGIN Psw Login And Registration

CVE-2025-4607

CRITICAL CVSS 9.8 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-4672 - Offsprout Page Builder Plugin

The Offsprout Page Builder plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization placed on the permission_callback() function in versions 2.2.1 to 2.15.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to read, create, update or delete any user meta, including flipping their own wp_capabilities to administrator and fully escalate their privileges.

PLUGIN Offsprout Page Builder

CVE-2025-4672

HIGH CVSS 8.8 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-5292 - Widgets And Woocommerce Builder Plugin

The Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in all versions up to, and including, 5.11.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Widgets And Woocommerce Builder

CVE-2025-5292

MEDIUM CVSS 6.4 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-5285 - Product Subtitle For Woocommerce Plugin

The Product Subtitle for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘htmlTag’ parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Product Subtitle For Woocommerce

CVE-2025-5285

MEDIUM CVSS 6.4 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-4103 - Wp Geometa Plugin

The WP-GeoMeta plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wp_ajax_wpgm_start_geojson_import() function in versions 0.3.4 to 0.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.

PLUGIN Wp Geometa

CVE-2025-4103

HIGH CVSS 8.8 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-4595 - Fastspring Plugin

The FastSpring plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fastspring/block-fastspringblocks-complete-product-catalog' block in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on the 'color' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Fastspring

CVE-2025-4595

MEDIUM CVSS 6.4 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-4590 - Daisycon Plugin

The Daisycon prijsvergelijkers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'daisycon_uitvaart' shortcode in all versions up to, and including, 4.8.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Daisycon

CVE-2025-4590

MEDIUM CVSS 6.4 2025-05-31
Threat Entry Updated 2025-06-02

CVE-2025-5016 - A Better Search Plugin

The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Excerpt Highlights in all versions up to, and including, 4.24.5 (Free) and 2.27.6 (Premium) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN A Better Search

CVE-2025-5016

MEDIUM CVSS 4.7 2025-05-31
Threat Entry Updated 2025-05-30

CVE-2025-5190 - Browse As Plugin

The Browse As plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2. This is due to incorrect authentication checking in the 'IS_BA_Browse_As::notice' function with the 'is_ba_original_user_COOKIEHASH' cookie value. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator, if they have access to the user id.

PLUGIN Browse As

CVE-2025-5190

HIGH CVSS 8.8 2025-05-30
Threat Entry Updated 2025-05-30

CVE-2025-4597 - Woo Slider Pro Drag Drop Slider Builder For Woocommerce Plugin

The Woo Slider Pro – Drag Drop Slider Builder For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woo_slide_pro_delete_draft_preview AJAX action in all versions up to, and including, 1.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts.

PLUGIN Woo Slider Pro Drag Drop Slider Builder For Woocommerce

CVE-2025-4597

MEDIUM CVSS 6.5 2025-05-30