
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 917 (Critical 917, High 0, Medium 0)
Showing 41-60 of 917 records
Threat Entry Updated 2026-02-19

CVE-2025-12882 - Clasifico Listing Plugin

The Clasifico Listing plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0. This is due to the plugin allowing users who are registering new accounts to set their own role by supplying the 'listing_user_role' parameter. This makes it possible for unauthenticated attackers to gain elevated privileges by registering an account with the administrator role.

Plugin: Clasifico Listing | CVE-2025-12882 | CRITICAL, CVSS 9.8 | 2026-02-19
Threat Entry Updated 2026-04-15

CVE-2026-1937 - Woocommerce Email Customizer Plugin

The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the `yaymail_import_state` AJAX action in all versions up to, and including, 4.3.2. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

Plugin: Woocommerce Email Customizer | CVE-2026-1937 | CRITICAL, CVSS 9.8 | 2026-02-18
Threat Entry Updated 2026-04-15

CVE-2026-1490 - Cleantalk Spam Protect Plugin

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS (PTR record) spoofing on the 'checkWithoutToken' function in all versions up to, and including, 6.71. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. Note: This is only exploitable on sites with an invalid API key.

Plugin: Cleantalk Spam Protect | CVE-2026-1490 | CRITICAL, CVSS 9.8 | 2026-02-15
Threat Entry Updated 2026-02-18

CVE-2025-8572 - Truelysell Core Plugin

The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access.

Plugin: Truelysell Core | CVE-2025-8572 | CRITICAL, CVSS 9.8 | 2026-02-14
Threat Entry Updated 2026-04-15

CVE-2026-1306 - Midi Synth Plugin

The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may make remote code execution possible, provided the attacker can obtain a valid nonce. The nonce is exposed in frontend JavaScript, making it trivially accessible to unauthenticated attackers.

Plugin: Midi Synth | CVE-2026-1306 | CRITICAL, CVSS 9.8 | 2026-02-14
Threat Entry Updated 2026-02-12

CVE-2025-14892 - Prime Listing Manager Plugin

The Prime Listing Manager WordPress plugin through 1.1 allows an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions due to a hardcoded secret.

Plugin: Prime Listing Manager | CVE-2025-14892 | CRITICAL, CVSS 9.8 | 2026-02-12
Threat Entry Updated 2026-04-15

CVE-2026-1729 - AdForest Plugin

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators.

Plugin: AdForest | CVE-2026-1729 | CRITICAL, CVSS 9.8 | 2026-02-12
Threat Entry Updated 2026-04-15

CVE-2026-1357 - Wpvivid Backuprestore Plugin

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path sanitization when writing uploaded files. When the plugin fails to decrypt a session key using openssl_private_decrypt(), it does not terminate execution and instead passes the boolean false value to the phpseclib library's AES cipher initialization. The library treats this false value as a string of null…

Plugin: Wpvivid Backuprestore | CVE-2026-1357 | CRITICAL, CVSS 9.8 | 2026-02-11
Threat Entry Updated 2026-02-09

CVE-2025-15027 - Jay Login Register Plugin

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jay_login_register_ajax_create_final_user' function. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

Plugin: Jay Login Register | CVE-2025-15027 | CRITICAL, CVSS 9.8 | 2026-02-08
Threat Entry Updated 2026-04-15

CVE-2026-1499 - Wp Duplicate Plugin

The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined with path traversal in the file upload functionality. This makes it possible for authenticated (subscriber-level) attackers to set the internal `prod_key_random_id` option, which can then be used by an unauthenticated attacker to bypass authentication checks and write arbitrary files to the server via the `handle_upload_single_big_file()` function, ultimately leading to remote code execution.

Plugin: Wp Duplicate | CVE-2026-1499 | CRITICAL, CVSS 9.8 | 2026-02-06
Threat Entry Updated 2026-02-03

CVE-2025-15030 - User Profile Builder Plugin

The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account.

Plugin: User Profile Builder | CVE-2025-15030 | CRITICAL, CVSS 9.8 | 2026-02-02
Threat Entry Updated 2026-04-15

CVE-2026-1056 - Snow Monkey Forms Plugin

The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'generate_user_dirpath' function in all versions up to, and including, 12.0.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Plugin: Snow Monkey Forms | CVE-2026-1056 | CRITICAL, CVSS 9.8 | 2026-01-28
Threat Entry Updated 2026-01-26

CVE-2025-13374 - Kalrav Ai Agent Plugin

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the kalrav_upload_file AJAX action in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

Plugin: Kalrav Ai Agent | CVE-2025-13374 | CRITICAL, CVSS 9.8 | 2026-01-24
Threat Entry Updated 2026-01-26

CVE-2026-24531 - Prowess Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion. This issue affects Prowess: from n/a through

Plugin: Prowess | CVE-2026-24531 | CRITICAL, CVSS 9.8 | 2026-01-23
Threat Entry Updated 2026-01-26

CVE-2026-24371 - BA Book Everything Plugin

Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BA Book Everything: from n/a through

Plugin: BA Book Everything | CVE-2026-24371 | CRITICAL, CVSS 9.8 | 2026-01-22
Threat Entry Updated 2026-01-26

CVE-2026-24379 - WP Job Portal Plugin

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Job Portal: from n/a through

Plugin: WP Job Portal | CVE-2026-24379 | CRITICAL, CVSS 9.1 | 2026-01-22
Threat Entry Updated 2026-01-26

CVE-2026-23978 - Gyan Elements Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion. This issue affects Gyan Elements: from n/a through

Plugin: Gyan Elements | CVE-2026-23978 | CRITICAL, CVSS 9.8 | 2026-01-22
Threat Entry Updated 2026-01-26

CVE-2026-23975 - Golo Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo golo allows PHP Local File Inclusion. This issue affects Golo: from n/a through < 1.7.5.

Plugin: Golo | CVE-2026-23975 | CRITICAL, CVSS 9.8 | 2026-01-22
Threat Entry Updated 2026-01-26

CVE-2026-22482 - IMGspider Plugin

Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspider imgspider allows Server Side Request Forgery. This issue affects IMGspider: from n/a through

Plugin: IMGspider | CVE-2026-22482 | CRITICAL, CVSS 9.1 | 2026-01-22
Threat Entry Updated 2026-04-15

CVE-2026-0920 - La Studio Element Kit For Elementor Plugin

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'lakit_bkrole' parameter during registration and gain administrator access to the site.

Plugin: La Studio Element Kit For Elementor | CVE-2026-0920 | CRITICAL, CVSS 9.8 | 2026-01-22