
Live Vulnerability Intelligence

Threat Database

CVE-2025-6057 - Wpbookit Plugin
Threat entry updated 2025-07-16

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_image_upload() function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Plugin: Wpbookit | CVE-2025-6057 | Severity: HIGH | CVSS: 8.8 | 2025-07-12
CVE-2025-6851 - Broken Link Notifier Plugin
Threat entry updated 2025-07-17

The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajax_blinks() function which ultimately calls the check_url_status_code() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Plugin: Broken Link Notifier | CVE-2025-6851 | Severity: HIGH | CVSS: 7.2 | 2025-07-11
CVE-2025-7442 - Wpgym Wordpress Gym Management System Plugin
Threat entry updated 2025-07-15

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJ_gmgt_delete_class_limit_for_member, MJ_gmgt_get_yearly_income_expense, MJ_gmgt_get_monthly_income_expense, MJ_gmgt_add_class_limit, MJ_gmgt_view_meeting_detail, and MJ_gmgt_create_meeting functions in all versions up to 67.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: Wpgym Wordpress Gym Management System | CVE-2025-7442 | Severity: HIGH | CVSS: 7.5 | 2025-07-11
CVE-2025-6970 - Events Manager Plugin
Threat entry updated 2025-07-11

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: Events Manager | CVE-2025-6970 | Severity: HIGH | CVSS: 7.5 | 2025-07-09
CVE-2025-6742 - Sureforms Plugin
Threat entry updated 2025-07-11

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.7.3 via the use of file_exists() in the delete_entry_files() function without restriction on the path provided. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is…

Plugin: Sureforms | CVE-2025-6742 | Severity: HIGH | CVSS: 7.5 | 2025-07-09
CVE-2025-6691 - Sureforms Plugin
Threat entry updated 2025-07-11

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_entry_files() function in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Plugin: Sureforms | CVE-2025-6691 | Severity: HIGH | CVSS: 8.1 | 2025-07-09
CVE-2025-6744 - Woodmart Plugin
Threat entry updated 2025-07-09

The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode through the woodmart_get_products_shortcode() function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Plugin: Woodmart | CVE-2025-6744 | Severity: HIGH | CVSS: 7.3 | 2025-07-08
CVE-2025-6746 - Woodmart Plugin
Threat entry updated 2025-07-09

The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.2.3 via the 'layout' attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php files can be uploaded and included.

Plugin: Woodmart | CVE-2025-6746 | Severity: HIGH | CVSS: 8.8 | 2025-07-08
CVE-2025-7327 - Widget For Google Reviews Plugin
Threat entry updated 2025-07-09

The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.0.15 via the layout parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other "safe" file types can be uploaded and included. This is limited to just…

Plugin: Widget For Google Reviews | CVE-2025-7327 | Severity: HIGH | CVSS: 8.8 | 2025-07-08
CVE-2025-52807 - Allows Php Local File Inclusion Theme
Threat entry updated 2025-07-08

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusWP Kossy - Minimalist eCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Kossy - Minimalist eCommerce WordPress Theme: from n/a through 1.45.

Theme: Allows Php Local File Inclusion | CVE-2025-52807 | Severity: HIGH | CVSS: 8.1 | 2025-07-04
CVE-2025-32311 - Allows Reflected Xss Theme
Threat entry updated 2025-07-08

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Pressroom - News Magazine WordPress Theme allows Reflected XSS. This issue affects Pressroom - News Magazine WordPress Theme: from n/a through 6.9.

Theme: Allows Reflected Xss | CVE-2025-32311 | Severity: HIGH | CVSS: 7.1 | 2025-07-04
CVE-2025-6814 - Booking X Plugin
Threat entry updated 2025-07-08

The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_now() function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal credentials, by issuing a crafted POST request.

Plugin: Booking X | CVE-2025-6814 | Severity: HIGH | CVSS: 7.5 | 2025-07-04
CVE-2025-6783 - Gozen Forms Plugin
Threat entry updated 2025-07-09

The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the emdedSc() function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: Gozen Forms | CVE-2025-6783 | Severity: HIGH | CVSS: 7.5 | 2025-07-04
CVE-2025-6238 - Ai Engine Plugin
Threat entry updated 2025-08-13

The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is missing validation during the authorization flow. This makes it possible for unauthenticated attackers to intercept the authorization code and obtain an access token by redirecting the user to an attacker-controlled URI. Note: in the patched version 2.8.5, OAuth is disabled and the 'Meow_MWAI_Labs_OAuth' class is not loaded in the plugin.

Plugin: Ai Engine | CVE-2025-6238 | Severity: HIGH | CVSS: 8.0 | 2025-07-04
CVE-2025-6782 - Gozen Forms Plugin
Threat entry updated 2025-07-09

The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the dirGZActiveForm() function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: Gozen Forms | CVE-2025-6782 | Severity: HIGH | CVSS: 7.5 | 2025-07-04
CVE-2025-6586 - Download Plugin
Threat entry updated 2025-07-09

The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dpwap_plugin_locInstall function in all versions up to, and including, 2.2.8. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Plugin: Download | CVE-2025-6586 | Severity: HIGH | CVSS: 7.2 | 2025-07-04
CVE-2025-5953 - Wp Human Resource Management Plugin
Threat entry updated 2025-08-13

The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajax_insert_employee() and update_empoyee() functions in versions 2.0.0 through 2.2.17. The AJAX handler reads the client-supplied $_POST['role'] and, after basic cleaning via hrm_clean(), passes it directly to wp_insert_user() and later to $user->set_role() without verifying that the current user is allowed to assign that role. This makes it possible for authenticated attackers, with Employee-level access and above, to elevate their privileges to administrator.

Plugin: Wp Human Resource Management | CVE-2025-5953 | Severity: HIGH | CVSS: 8.8 | 2025-07-04
CVE-2025-5322 - Vikrentcar Plugin
Threat entry updated 2025-07-10

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the do_updatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible.

Plugin: Vikrentcar | CVE-2025-5322 | Severity: HIGH | CVSS: 7.2 | 2025-07-03
CVE-2025-5961 - Migration Backup Staging Plugin
Threat entry updated 2025-07-09

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvivid_upload_import_files' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: Uploaded files are only accessible on WordPress instances running on the NGINX web server as the existing .htaccess within the target file upload folder prevents…

Plugin: Migration Backup Staging | CVE-2025-5961 | Severity: HIGH | CVSS: 7.2 | 2025-07-03
CVE-2025-2932 - Jkdevkit Plugin
Threat entry updated 2025-07-03

The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and including, 1.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). If WooCommerce is enabled, attackers will need Contributor-level access and above.

Plugin: Jkdevkit | CVE-2025-2932 | Severity: HIGH | CVSS: 8.8 | 2025-07-03