Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-04-15
CVE-2026-1271 - ProfileGrid – User Profiles, Groups and Communities Plugin
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.7.2 via the 'pm_upload_image' and 'pm_upload_cover_image' AJAX actions. This is due to the update_user_meta() function being called outside of the user authorization check in public/partials/crop.php and public/partials/coverimg_crop.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change any user's profile picture or cover image, including administrators.
PLUGIN
ProfileGrid – User Profiles, Groups and Communities
CVE-2026-1271
Risk Score
Threat Entry
Updated 2026-02-05
CVE-2025-14079 - Elex Helpdesk Customer Support Ticket System Plugin
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.3.5. This is due to missing capability checks on the eh_crm_ticket_general function combined with a shared nonce that is exposed to low-privileged users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify global WSDesk settings via the `eh_crm_ticket_general` AJAX action.
PLUGIN
Elex Helpdesk Customer Support Ticket System
CVE-2025-14079
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1319 - Webp Converter Plugin
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Webp Converter
CVE-2026-1319
Risk Score
Threat Entry
Updated 2026-02-05
CVE-2025-13416 - Profilegrid User Profiles Groups And Communities Plugin
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pm_deactivate_user_from_group() function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to suspend arbitrary users from groups, including administrators, via the pm_deactivate_user_from_group AJAX action.
PLUGIN
Profilegrid User Profiles Groups And Communities
CVE-2025-13416
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1268 - Dynamic Widget Content Plugin
The Dynamic Widget Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget content field in the Gutenberg editor sidebar in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Dynamic Widget Content
CVE-2026-1268
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0867 - Essential Widgets Plugin
The Essential Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was partially fixed in version 3.0.
PLUGIN
Essential Widgets
CVE-2026-0867
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1246 - Shortpixel Image Optimiser Plugin
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for authenticated attackers, with Editor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information such as database credentials and authentication keys.
PLUGIN
Shortpixel Image Optimiser
CVE-2026-1246
Risk Score
Threat Entry
Updated 2026-02-05
CVE-2025-13192 - Popup Builder Block Plugin
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL Injection via the multiple REST API endpoints in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Vulnerability was patched in version 2.2.1 for unauthenticated users,…
PLUGIN
Popup Builder Block
CVE-2025-13192
Risk Score
Threat Entry
Updated 2026-02-04
CVE-2025-15368 - Sportspress Plugin
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'template_name' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
PLUGIN
Sportspress
CVE-2025-15368
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0742 - Smart Appointment & Booking Plugin
The Smart Appointment & Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the saab_save_form_data AJAX action in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Smart Appointment & Booking
CVE-2026-0742
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0679 - Fortis For Woocommerce Plugin
The Fortis for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to an inverted nonce check in the 'check_fortis_notify_response' function in all versions up to, and including, 1.2.0. This makes it possible for unauthenticated attackers to update arbitrary WooCommerce order statuses to paid/processing/completed, effectively allowing them to mark orders as paid without payment.
PLUGIN
Fortis For Woocommerce
CVE-2026-0679
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1370 - Sibs Woocommerce Plugin
The SIBS woocommerce payment gateway plugin for WordPress is vulnerable to time-based SQL Injection via the ‘referencedId’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Sibs Woocommerce
CVE-2026-1370
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0816 - All Push Notification Plugin
The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'delete_id' parameter in all versions up to, and including, 1.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
All Push Notification
CVE-2026-0816
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0743 - Wp Content Permission Plugin
The WP Content Permission plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ohmem-message' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Wp Content Permission
CVE-2026-0743
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0681 - Extended Random Number Generator Plugin
The Extended Random Number Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
PLUGIN
Extended Random Number Generator
CVE-2026-0681
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0572 - Webpurify Profanity Filter Plugin
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurify_save_options' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settings.
PLUGIN
Webpurify Profanity Filter
CVE-2026-0572
Risk Score
Threat Entry
Updated 2026-02-04
CVE-2025-15508 - Magic Import Document Extractor Plugin
The Magic Import Document Extractor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.4 via the get_frontend_settings() function. This makes it possible for unauthenticated attackers to extract the site's magicimport.ai license key from the page source on any page containing the plugin's shortcode.
PLUGIN
Magic Import Document Extractor
CVE-2025-15508
Risk Score
Threat Entry
Updated 2026-02-04
CVE-2025-15507 - Magic Import Document Extractor Plugin
The Magic Import Document Extractor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_sync_usage() function in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to modify the plugin's license status and credit balance.
PLUGIN
Magic Import Document Extractor
CVE-2025-15507
Risk Score
Threat Entry
Updated 2026-02-04
CVE-2025-15482 - Chapa Payment Gateway For Woocommerce Plugin
The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 via 'chapa_proceed' WooCommerce API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including the merchant's Chapa secret API key.
PLUGIN
Chapa Payment Gateway For Woocommerce
CVE-2025-15482
Risk Score
Threat Entry
Updated 2026-02-04
CVE-2025-15487 - Code Explorer Plugin
The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
PLUGIN
Code Explorer
CVE-2025-15487
Risk Score