
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Showing 821-840 of 3040 records
Threat Entry Updated 2025-10-16

CVE-2025-11722 - Accordion Panel For Category And Products Plugin

The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'categoryaccordionpanel' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.

PLUGIN Accordion Panel For Category And Products

CVE-2025-11722

HIGH CVSS 7.5 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-11177 - External Login Plugin

The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database when a PostgreSQL or MSSQL database is configured as the external authentication database.

PLUGIN External Login

CVE-2025-11177

HIGH CVSS 7.5 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-10743 - Outdoor Plugin

The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all versions up to, and including, 1.3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Outdoor

CVE-2025-10743

HIGH CVSS 7.5 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-10754 - Docodoco Store Locator Plugin

The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Editor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Docodoco Store Locator

CVE-2025-10754

HIGH CVSS 7.2 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-10313 - Find And Replace Content Plugin

The Find And Replace content plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the far_admin_ajax_fun() function in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts into pages that can make privilege escalation and malicious redirects possible.

PLUGIN Find And Replace Content

CVE-2025-10313

HIGH CVSS 7.2 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-10299 - Create Temporary Login Plugin

The WPBifröst – Instant Passwordless Temporary Login Links plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ctl_create_link AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new administrative user accounts and subsequently log in as those.

PLUGIN Create Temporary Login

CVE-2025-10299

HIGH CVSS 8.8 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-10293 - Keyy Plugin

The Keyy Two Factor Authentication (like Clef) plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.2.3. This is due to the plugin not properly validating a user's identity associated with a token generated. This makes it possible for authenticated attackers, with subscriber-level access and above, to generate valid auth tokens and leverage that to auto-login as other accounts, including administrators, as long as the administrator has the 2FA set up.

PLUGIN Keyy

CVE-2025-10293

HIGH CVSS 8.8 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-10051 - Demo Import Kit Plugin

The Demo Import Kit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.1.0 via the import functionality. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Demo Import Kit

CVE-2025-10051

HIGH CVSS 7.2 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-11501 - Dynamically Display Posts Plugin

The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the 'tax_query' parameter in all versions up to, and including, 1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Dynamically Display Posts

CVE-2025-11501

HIGH CVSS 7.5 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-6042 - Lisfinity Wordpress Theme Plugin

The Lisfinity Core plugin (used by the pebas® Lisfinity WordPress theme) for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.0. This is due to the plugin assigning the editor role by default. While limitations with respect to capabilities are put in place, use of the API is not restricted. This vulnerability can be leveraged together with CVE-2025-6038 to obtain admin privileges.

PLUGIN Lisfinity Wordpress Theme

CVE-2025-6042

HIGH CVSS 7.3 2025-10-15
Threat Entry Updated 2025-10-16

CVE-2025-11746 - Xstore Theme

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via the et_ajax_required_plugins_popup() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.

THEME Xstore

CVE-2025-11746

HIGH CVSS 8.8 2025-10-15
Threat Entry Updated 2025-10-14

CVE-2025-8593 - Gsheetconnector Gravity Forms Plugin

The GSheetConnector For Gravity Forms plugin for WordPress is vulnerable to authorization bypass in versions less than, or equal to, 1.3.27. This is due to a missing capability check on the 'install_plugin' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to install plugins on the target site and potentially achieve arbitrary code execution on the server under certain conditions.

PLUGIN Gsheetconnector Gravity Forms

CVE-2025-8593

HIGH CVSS 8.8 2025-10-11
Threat Entry Updated 2025-10-09

CVE-2025-10862 - And Woocommerce Triggers Plugin

The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN And Woocommerce Triggers

CVE-2025-10862

HIGH CVSS 7.5 2025-10-09
Threat Entry Updated 2025-10-09

CVE-2025-6038 - Lisfinity Wordpress Theme Plugin

The Lisfinity Core plugin (used by the pebas® Lisfinity WordPress theme) for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary users' passwords, including those of administrators.

PLUGIN Lisfinity Wordpress Theme

CVE-2025-6038

HIGH CVSS 8.8 2025-10-09
Threat Entry Updated 2025-10-09

CVE-2025-10496 - Cookie Notice Consent Plugin

The Cookie Notice & Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uuid parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Cookie Notice Consent

CVE-2025-10496

HIGH CVSS 7.2 2025-10-09
Threat Entry Updated 2025-10-08

CVE-2025-10635 - Find Me On Plugin

The Find Me On WordPress plugin through 2.0.9.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers and above to perform SQL injection attacks.

PLUGIN Find Me On

CVE-2025-10635

HIGH CVSS 7.7 2025-10-08
Threat Entry Updated 2025-10-08

CVE-2025-11204 - And User Login Plugin

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 6.0.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. An unauthenticated attacker could utilize an injected Cross-Site Scripting via user-agent…

PLUGIN And User Login

CVE-2025-11204

HIGH CVSS 7.2 2025-10-08
Threat Entry Updated 2025-10-08

CVE-2025-10494 - Classified Listings Plugin

The Motors – Car Dealership & Classified Listings plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation when deleting profile pictures in all versions up to, and including, 1.4.89. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

PLUGIN Classified Listings

CVE-2025-10494

HIGH CVSS 8.1 2025-10-08
Threat Entry Updated 2025-10-08

CVE-2025-10162 - Before 14 Does Not Validate The Path Of Files To Be Downloaded Plugin

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloaded, which could allow unauthenticated attackers to read/download arbitrary files via a path traversal attack.

PLUGIN Before 14 Does Not Validate The Path Of Files To Be Downloaded

CVE-2025-10162

HIGH CVSS 7.5 2025-10-07
Threat Entry Updated 2025-10-06

CVE-2025-9243 - Cost Calculator Builder Plugin

The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_cc_orders and update_order_status functions in all versions up to, and including, 3.5.32. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access order management functions and modify order status.

PLUGIN Cost Calculator Builder

CVE-2025-9243

HIGH CVSS 8.1 2025-10-04