Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Severity counts: Total 3,023 | Critical 0 | High 3,023 | Medium 0

Showing 181-200 of 3,023 records
CVE-2026-27052 - WordPress Core
CORE WordPress Core | HIGH | CVSS 7.5 | 2026-02-19 | Threat Entry Updated 2026-04-15

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in villatheme Sales Countdown Timer for WooCommerce and WordPress sctv-sales-countdown-timer allows PHP Local File Inclusion. This issue affects Sales Countdown Timer for WooCommerce and WordPress: from n/a through < 1.1.9.

CVE-2026-25418 - Bit Form Plugin
PLUGIN Bit Form | HIGH | CVSS 7.6 | 2026-02-19 | Threat Entry Updated 2026-02-19

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bitpressadmin Bit Form bit-form allows SQL Injection. This issue affects Bit Form: from n/a through

CVE-2026-25378 - Nelio AB Testing Plugin
PLUGIN Nelio AB Testing | HIGH | CVSS 7.6 | 2026-02-19 | Threat Entry Updated 2026-02-19

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection. This issue affects Nelio AB Testing: from n/a through

CVE-2026-25326 - CMSMasters Content Composer Plugin
PLUGIN CMSMasters Content Composer | HIGH | CVSS 7.5 | 2026-02-19 | Threat Entry Updated 2026-02-20

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion. This issue affects CMSMasters Content Composer: from n/a through

CVE-2026-25316 - CartFlows Plugin
PLUGIN CartFlows | HIGH | CVSS 7.2 | 2026-02-19 | Threat Entry Updated 2026-02-24

Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Object Injection. This issue affects CartFlows: from n/a through

CVE-2026-23805 - Media Search Enhanced Plugin
PLUGIN Media Search Enhanced | HIGH | CVSS 7.6 | 2026-02-19 | Threat Entry Updated 2026-02-24

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yoren Chang Media Search Enhanced media-search-enhanced allows SQL Injection. This issue affects Media Search Enhanced: from n/a through

CVE-2026-23544 - Valenti Plugin
PLUGIN Valenti | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-02-19

Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection. This issue affects Valenti: from n/a through

CVE-2026-23547 - CMSMasters Content Composer Plugin
PLUGIN CMSMasters Content Composer | HIGH | CVSS 7.1 | 2026-02-19 | Threat Entry Updated 2026-02-20

Missing Authorization vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CMSMasters Content Composer: from n/a through

CVE-2026-22333 - YITH WooCommerce Compare Theme
THEME YITH WooCommerce Compare | HIGH | CVSS 7.2 | 2026-02-19 | Threat Entry Updated 2026-02-24

Deserialization of Untrusted Data vulnerability in YITHEMES YITH WooCommerce Compare yith-woocommerce-compare allows Object Injection. This issue affects YITH WooCommerce Compare: from n/a through

CVE-2026-0974 - Orderable – WordPress Restaurant Online Ordering System and Food Ordering Plugin
PLUGIN Orderable – WordPress Restaurant Online Ordering System and Food Ordering Plugin | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-04-15

The Orderable – WordPress Restaurant Online Ordering System and Food Ordering Plugin plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the 'install_plugin' function in all versions up to, and including, 1.20.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary plugins, which can lead to Remote Code Execution.

CVE-2026-0912 - Toret Manager Plugin
PLUGIN Toret Manager | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-04-15

The Toret Manager plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'trman_save_option' function and on the 'trman_save_option_items' in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

CVE-2025-4521 - Request And Donor Management System Plugin
PLUGIN Request And Donor Management System | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-02-19

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonate_donor_profile() function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to hijack any account by reassigning its email address (via the donor_id they supply) and then triggering a password reset, ultimately granting themselves full administrator privileges.

CVE-2025-15041 - Backwpup Plugin
PLUGIN Backwpup | HIGH | CVSS 7.2 | 2026-02-19 | Threat Entry Updated 2026-02-19

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the save_site_option() function in all versions up to, and including, 5.6.2. This makes it possible for authenticated attackers, with level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

CVE-2025-14452 - Wp Customer Reviews Plugin
PLUGIN Wp Customer Reviews | HIGH | CVSS 7.2 | 2026-02-19 | Threat Entry Updated 2026-02-19

The WP Customer Reviews plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpcr3_fname' parameter in all versions up to, and including, 3.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE-2025-13603 - Wp Audio Gallery Plugin
PLUGIN Wp Audio Gallery | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-02-19

The WP AUDIO GALLERY plugin for WordPress is vulnerable to Unauthorized Arbitrary File Read in all versions up to, and including, 2.0. This is due to insufficient capability checks and lack of nonce verification on the "wpag_htaccess_callback" function. This makes it possible for authenticated attackers, with subscriber-level access and above, to overwrite the site's .htaccess file with arbitrary content, which can lead to arbitrary file read on the server under certain configurations.

CVE-2025-12975 - Webappick Product Feed For Woocommerce Plugin
PLUGIN Webappick Product Feed For Woocommerce | HIGH | CVSS 7.2 | 2026-02-19 | Threat Entry Updated 2026-02-19

The CTX Feed – WooCommerce Product Feed Manager plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the woo_feed_plugin_installing() function in all versions up to, and including, 6.6.11. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to install arbitrary plugins which can be leveraged to achieve remote code execution.

CVE-2025-12845 - Fluent Plugin
PLUGIN Fluent | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-02-19

The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to unauthorized access of data that leads to privilege escalation due to a missing capability check on the get_table_data() function in versions 0.5.4 to 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve plugin table data that can expose email log information. Attackers can leverage this on sites where the table log is enabled in order to trigger a password reset and obtain the reset key.

CVE-2025-12821 - Newsblogger Theme
THEME Newsblogger | HIGH | CVSS 8.8 | 2026-02-19 | Threat Entry Updated 2026-02-19

The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5.6 to 0.2.6.1. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. This makes it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This is due to a reverted fix of CVE-2025-1305.

CVE-2025-12707 - Library Management System Plugin
PLUGIN Library Management System | HIGH | CVSS 7.5 | 2026-02-19 | Threat Entry Updated 2026-02-19

The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2025-11754 - Gdpr Cookie Consent Plugin
PLUGIN Gdpr Cookie Consent | HIGH | CVSS 7.5 | 2026-02-19 | Threat Entry Updated 2026-02-19

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin settings including API tokens, email addresses, account IDs, and site keys.
