Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 3,039 (Critical: 0, High: 3,039, Medium: 0)
Showing 741-760 of 3,039 records
Threat Entry Updated 2025-11-19

CVE-2025-12646 - Community Events Plugin

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'dayofyear' parameter in all versions up to, and including, 1.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Community Events

CVE-2025-12646

HIGH CVSS 7.5 2025-11-19
Threat Entry Updated 2025-11-18

CVE-2025-4212 - Checkout Files Upload For Woocommerce Plugin

The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in image files that will execute whenever a user accesses the injected page.

PLUGIN Checkout Files Upload For Woocommerce

CVE-2025-4212

HIGH CVSS 7.2 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-13069 - Enable Svg Webp Ico Upload Plugin

The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.2. This is due to insufficient file type validation detecting ICO files, allowing double extension files with the appropriate magic bytes to bypass sanitization while being accepted as a valid ICO file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Enable Svg Webp Ico Upload

CVE-2025-13069

HIGH CVSS 8.8 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-12955 - Live Sales Notification For Woocommerce Plugin

The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.39. This is due to the "getOrders" function lacking proper authorization and capability checks when the plugin is configured to display recent order information. This makes it possible for unauthenticated attackers to extract sensitive customer information including buyer first names, city, state, country, purchase time and date, and product details.

PLUGIN Live Sales Notification For Woocommerce

CVE-2025-12955

HIGH CVSS 7.5 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-13088 - Category And Product Woocommerce Tabs Plugin

The Category and Product Woocommerce Tabs plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0. This is due to insufficient input validation on the 'template' parameter in the categoryProductTab() function. This makes it possible for authenticated attackers, with contributor level access and above, to include and execute arbitrary .php files on the server.

PLUGIN Category And Product Woocommerce Tabs

CVE-2025-13088

HIGH CVSS 8.8 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-12775 - Wp Dropzone Plugin

The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 1.1.0 via the `ajax_upload_handle` function. This is due to the chunked upload functionality writing files directly to the uploads directory before any file type validation occurs. This makes it possible for authenticated attackers, with subscriber level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Wp Dropzone

CVE-2025-12775

HIGH CVSS 8.8 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-12528 - Pie Forms For Wp Plugin

The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic function. This is due to insufficient file type validation where the validate_classic method validates file extensions and sets error messages but does not prevent the file upload process from continuing. This makes it possible for unauthenticated attackers to upload files with dangerous extensions such as PHP, which makes remote code execution possible. In order to exploit this vulnerability, the attacker needs to guess the directory…

PLUGIN Pie Forms For Wp

CVE-2025-12528

HIGH CVSS 8.1 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-12411 - Premmerce Woocommerce Wholesale Pricing Plugin

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and including, 1.1.10. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber level access and above, to manipulate SQL queries that can be used to extract sensitive information from the database and modify price type display names in the database via the admin-post.php "premmerce_update_price_type" action, causing cosmetic…

PLUGIN Premmerce Woocommerce Wholesale Pricing

CVE-2025-12411

HIGH CVSS 7.1 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-11620 - Multiple Roles Per User Plugin

The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpu_add_multiple_roles_ui' and 'mrpu_save_multiple_user_roles' functions in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, granted the 'edit_users' capability, to edit any user's role, including promoting users to Administrator and demoting Administrators to lower-privileged roles.

PLUGIN Multiple Roles Per User

CVE-2025-11620

HIGH CVSS 7.2 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-12974 - Gravity Forms Plugin

The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the legacy chunked upload mechanism in all versions up to, and including, 2.9.21.1. This is due to the extension blacklist not including .phar files, which can be uploaded through the chunked upload mechanism. This makes it possible for unauthenticated attackers to upload executable .phar files and achieve remote code execution on the server, granted they can discover or enumerate the upload path. In order for an attacker to achieve RCE, the…

PLUGIN Gravity Forms

CVE-2025-12974

HIGH CVSS 8.1 2025-11-18
Threat Entry Updated 2025-11-18

CVE-2025-12482 - Amelia Plugin

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to SQL Injection via the 'search' parameter in all versions up to, and including, 1.2.35 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Amelia

CVE-2025-12482

HIGH CVSS 7.5 2025-11-16
Threat Entry Updated 2025-11-14

CVE-2025-10686 - Creta Testimonial Showcase Plugin

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files.

PLUGIN Creta Testimonial Showcase

CVE-2025-10686

HIGH CVSS 7.2 2025-11-14
Threat Entry Updated 2025-11-14

CVE-2025-12904 - S H5pxapikatchu Plugin

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insert_data' AJAX endpoint in all versions up to, and including, 0.4.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN S H5pxapikatchu

CVE-2025-12904

HIGH CVSS 7.2 2025-11-14
Threat Entry Updated 2025-11-14

CVE-2025-12844 - Ai Engine Plugin

The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via deserialization of untrusted input in the 'rest_simpleTranscribeAudio' and 'rest_simpleVisionQuery' functions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an…

PLUGIN Ai Engine

CVE-2025-12844

HIGH CVSS 7.1 2025-11-13
Threat Entry Updated 2025-11-14

CVE-2025-12733 - Wp All Import Plugin

The Import any XML, CSV or Excel File to WordPress (WP All Import) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.9.6. This is due to the use of eval() on unsanitized user-supplied input in the pmxi_if function within helpers/functions.php. This makes it possible for authenticated attackers, with import capabilities (typically administrators), to inject and execute arbitrary PHP code on the server via crafted import templates. This can lead to remote code execution.

PLUGIN Wp All Import

CVE-2025-12733

HIGH CVSS 8.8 2025-11-13
Threat Entry Updated 2025-11-14

CVE-2025-11923 - Lifterlms Plugin

The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. This is due to the plugin not properly validating a user's identity prior to allowing them to modify their own role via the REST API. The permission check in the update_item_permissions_check() function returns true when a user updates their own account without verifying the role changes. This makes it possible for authenticated attackers, with student-level access and above, to escalate their privileges to administrator by updating their own roles array via…

PLUGIN Lifterlms

CVE-2025-11923

HIGH CVSS 8.8 2025-11-13
Threat Entry Updated 2025-11-12

CVE-2025-11994 - Email Subscription With Secure Captcha Plugin

The Easy Email Subscription plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Email Subscription With Secure Captcha

CVE-2025-11994

HIGH CVSS 7.2 2025-11-12
Threat Entry Updated 2025-11-12

CVE-2025-12903 - Woo Payment Gateway Plugin

The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaulted_nonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with permission_callback set to __return_true and processing user-supplied token IDs without verifying ownership or authentication. This makes it possible for unauthenticated attackers to retrieve payment method nonces for any stored payment token in the system, which can be used to create fraudulent transactions, charge customer credit cards, or…

PLUGIN Woo Payment Gateway

CVE-2025-12903

HIGH CVSS 7.5 2025-11-12
Threat Entry Updated 2025-11-12

CVE-2025-12633 - Bookit Plugin

The Booking Calendar | Appointment Booking | Bookit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/bookit/v1/commerce/stripe/return' REST API Endpoint in all versions up to, and including, 2.5.0. This makes it possible for unauthenticated attackers to connect their Stripe account and receive payments.

PLUGIN Bookit

CVE-2025-12633

HIGH CVSS 7.5 2025-11-12
Threat Entry Updated 2025-12-19

CVE-2025-11560 - Team Members Showcase Plugin

The Team Members Showcase WordPress plugin before 3.5.0 does not sanitize and escape a parameter before outputting it back in the page, leading to reflected cross-site scripting, which could be used against high-privilege users such as admins.

PLUGIN Team Members Showcase

CVE-2025-11560

HIGH CVSS 7.1 2025-11-12