Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Showing 321-340 of 919 records
Threat Entry Updated 2025-06-27

CVE-2025-3811 - Wpbookit Plugin

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details, like email, through the edit_newdata_customer_callback() function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators', and leverage that to reset the user's password and gain access to their account.

PLUGIN Wpbookit

CVE-2025-3811

CRITICAL CVSS 9.8 2025-05-09
Threat Entry Updated 2025-06-27

CVE-2025-3810 - Wpbookit Plugin

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details, like password and email, through the edit_profile_data() function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses and passwords, including administrators', and leverage that to gain access to their account.

PLUGIN Wpbookit

CVE-2025-3810

CRITICAL CVSS 9.8 2025-05-09
Threat Entry Updated 2025-05-07

CVE-2025-4104 - Frontend Dashboard Plugin

The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator’s email and password, and elevate their privileges to that of an administrator.

PLUGIN Frontend Dashboard

CVE-2025-4104

CRITICAL CVSS 9.8 2025-05-07
Threat Entry Updated 2025-05-07

CVE-2025-3844 - Peprodev Ups Plugin

The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to the handel_ajax_req() function not having proper restrictions on the change_user_meta functionality, which makes it possible to set an OTP code and subsequently log in with that OTP code. This makes it possible for unauthenticated attackers to log in as other users on the site, including administrators.

PLUGIN Peprodev Ups

CVE-2025-3844

CRITICAL CVSS 9.8 2025-05-07
Threat Entry Updated 2025-05-07

CVE-2025-0855 - Pgs Core Plugin

The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.8.0 via deserialization of untrusted input in the 'import_header' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

PLUGIN Pgs Core

CVE-2025-0855

CRITICAL CVSS 9.8 2025-05-06
Threat Entry Updated 2025-05-28

CVE-2025-1909 - Buddyboss Platform Plugin

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

PLUGIN Buddyboss Platform

CVE-2025-1909

CRITICAL CVSS 9.8 2025-05-05
Threat Entry Updated 2025-05-05

CVE-2025-3918 - Job Listings Plugin

The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to wp_insert_user() without restricting to a safe set of roles. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

PLUGIN Job Listings

CVE-2025-3918

CRITICAL CVSS 9.8 2025-05-03
Threat Entry Updated 2025-05-02

CVE-2025-3746 - Otp Less One Tap Sign In Plugin

The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.

PLUGIN Otp Less One Tap Sign In

CVE-2025-3746

CRITICAL CVSS 9.8 2025-05-02
Threat Entry Updated 2025-05-14

CVE-2025-2907 - Order Delivery Date Plugin

The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore, it also lacks proper checks to only update options relevant to the Order Delivery Date WordPress plugin before 12.3.1. This leads to attackers being able to modify the default_user_role to administrator and users_can_register, allowing them to register as an administrator of the site for complete site takeover.

PLUGIN Order Delivery Date

CVE-2025-2907

CRITICAL CVSS 9.8 2025-04-26
Threat Entry Updated 2025-04-29

CVE-2025-2470 - Service Finder Bookings Plugin

The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nsl_registration_store_extra_input' function. This makes it possible for unauthenticated attackers to register an account on the site with an arbitrary role, including Administrator, when registering via a social login. The Nextend Social Login plugin must be installed and configured to exploit the vulnerability.

PLUGIN Service Finder Bookings

CVE-2025-2470

CRITICAL CVSS 9.8 2025-04-25
Threat Entry Updated 2025-08-12

CVE-2025-3604 - Flynax Bridge Plugin

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators', and leverage that to reset the user's password and gain access to their account.

PLUGIN Flynax Bridge

CVE-2025-3604

CRITICAL CVSS 9.8 2025-04-24
Threat Entry Updated 2025-08-12

CVE-2025-3603 - Flynax Bridge Plugin

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details, like password. This makes it possible for unauthenticated attackers to change arbitrary users' passwords, including administrators', and leverage that to gain access to their account.

PLUGIN Flynax Bridge

CVE-2025-3603

CRITICAL CVSS 9.8 2025-04-24
Threat Entry Updated 2025-04-21

CVE-2021-4455 - Wordpress Plugin Smart Product Review

The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Wordpress Plugin Smart Product Review

CVE-2021-4455

CRITICAL CVSS 9.8 2025-04-19
Threat Entry Updated 2025-04-21

CVE-2025-1093 - Aihub Theme

The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

THEME Aihub

CVE-2025-1093

CRITICAL CVSS 9.8 2025-04-19
Threat Entry Updated 2025-04-21

CVE-2025-3278 - Urbango Membership Plugin

The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.4. This is due to the plugin allowing users who are registering new accounts to set their own role by supplying the 'user_register_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.

PLUGIN Urbango Membership

CVE-2025-3278

CRITICAL CVSS 9.8 2025-04-19
Threat Entry Updated 2025-04-23

CVE-2025-3439 - Everest Forms Plugin

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.1 via deserialization of untrusted input from the 'field_value' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present…

PLUGIN Everest Forms

CVE-2025-3439

CRITICAL CVSS 9.8 2025-04-11
Threat Entry Updated 2025-04-11

CVE-2025-32569 - WordPress Core

Deserialization of Untrusted Data vulnerability in RealMag777 TableOn – WordPress Posts Table Filterable allows Object Injection. This issue affects TableOn – WordPress Posts Table Filterable: from n/a through 1.0.2.

CORE WordPress Core

CVE-2025-32569

CRITICAL CVSS 9.8 2025-04-11
Threat Entry Updated 2025-04-11

CVE-2025-2636 - Instawp Connect Plugin

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

PLUGIN Instawp Connect

CVE-2025-2636

CRITICAL CVSS 9.8 2025-04-11
Threat Entry Updated 2025-04-11

CVE-2025-32202 - WordPress Core

Unrestricted Upload of File with Dangerous Type vulnerability in Brian Batt - elearningfreak.com Insert or Embed Articulate Content into WordPress allows Upload a Web Shell to a Web Server. This issue affects Insert or Embed Articulate Content into WordPress: from n/a through 4.3000000025.

CORE WordPress Core

CVE-2025-32202

CRITICAL CVSS 9.1 2025-04-10
Threat Entry Updated 2025-04-08

CVE-2025-2004 - Simple Wp Events Plugin

The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action in all versions up to, and including, 1.8.17. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

PLUGIN Simple Wp Events

CVE-2025-2004

CRITICAL CVSS 9.1 2025-04-08