
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Showing 1041-1060 of 3044 records
Threat Entry Updated 2025-07-10

CVE-2025-5012 - Workreap Plugin

The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'workreap_temp_upload_to_media' function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Workreap

CVE-2025-5012

HIGH CVSS 8.8 2025-06-12
Threat Entry Updated 2025-06-12

CVE-2025-3302 - Ai Powered Seo Plugin

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘HTTP_REFERER’ parameter in all versions up to, and including, 7.1.0.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 7.1.0.0.

PLUGIN Ai Powered Seo

CVE-2025-3302

HIGH CVSS 7.2 2025-06-11
Threat Entry Updated 2025-07-10

CVE-2025-4315 - Cubewp Plugin

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.23. This is due to the plugin allowing a user to update arbitrary user meta through the update_user_meta() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.

PLUGIN Cubewp

CVE-2025-4315

HIGH CVSS 8.8 2025-06-11
Threat Entry Updated 2025-06-12

CVE-2025-5395 - Wordpress Automatic Plugin

The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'core.php' file in all versions up to, and including, 3.115.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Wordpress Automatic

CVE-2025-5395

HIGH CVSS 8.8 2025-06-11
Threat Entry Updated 2025-07-09

CVE-2025-4799 - Wp Downloadmanager Plugin

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.

PLUGIN Wp Downloadmanager

CVE-2025-4799

HIGH CVSS 7.2 2025-06-11
Threat Entry Updated 2025-07-02

CVE-2025-4954 - Axle Demo Importer Plugin

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files such as PHP on the server.

PLUGIN Axle Demo Importer

CVE-2025-4954

HIGH CVSS 8.8 2025-06-10
Threat Entry Updated 2025-07-02

CVE-2025-4840 - Likes And Dislikes Plugin

The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

PLUGIN Likes And Dislikes

CVE-2025-4840

HIGH CVSS 7.5 2025-06-10
Threat Entry Updated 2025-06-12

CVE-2025-4601 - WordPress Core

The "RH - Real Estate WordPress Theme" theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not properly restricting user roles that can be updated as part of the inspiry_update_profile() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to set their role to that of an administrator. The vulnerability was partially patched in version 4.4.0, and fully patched in version 4.4.1.

CORE WordPress Core

CVE-2025-4601

HIGH CVSS 8.8 2025-06-10
Threat Entry Updated 2025-06-12

CVE-2025-28945 - Allows Php Local File Inclusion Theme

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Valen - Sport, Fashion WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Valen - Sport, Fashion WooCommerce WordPress Theme: from n/a through 2.4.

THEME Allows Php Local File Inclusion

CVE-2025-28945

HIGH CVSS 8.1 2025-06-09
Threat Entry Updated 2025-06-12

CVE-2023-25999 - Allows Php Local File Inclusion Theme

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects BodyCenter - Gym, Fitness WooCommerce WordPress Theme: from n/a through 2.4.

THEME Allows Php Local File Inclusion

CVE-2023-25999

HIGH CVSS 8.1 2025-06-09
Threat Entry Updated 2025-06-09

CVE-2025-5303 - Ltl Freight Quotes Day Ross Edition Plugin

The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the expiry_date parameter in all versions up to, and including, 1.0.11, 2.2.6 and 2.1.10 respectively, due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Ltl Freight Quotes Day Ross Edition

CVE-2025-5303

HIGH CVSS 7.2 2025-06-07
Threat Entry Updated 2025-06-06

CVE-2025-49328 - WordPress Core

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agile Logix Store Locator WordPress allows SQL Injection. This issue affects Store Locator WordPress: from n/a through 1.5.1.

CORE WordPress Core

CVE-2025-49328

HIGH CVSS 7.6 2025-06-06
Threat Entry Updated 2025-06-06

CVE-2025-28948 - WordPress Core

Cross-Site Request Forgery (CSRF) vulnerability in codedraft Mediabay - WordPress Media Library Folders allows Reflected XSS. This issue affects Mediabay - WordPress Media Library Folders: from n/a through 1.4.

CORE WordPress Core

CVE-2025-28948

HIGH CVSS 7.1 2025-06-06
Threat Entry Updated 2025-06-06

CVE-2025-5018 - Hive Support Plugin

The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hs_update_ai_chat_settings() and hive_lite_support_get_all_binbox() functions in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read and overwrite the site’s OpenAI API key and inspection data or modify AI-chat prompts and behavior. This vulnerability is potentially a duplicate of CVE-2025-32208 and/or CVE-2025-32242.

PLUGIN Hive Support

CVE-2025-5018

HIGH CVSS 7.1 2025-06-06
Threat Entry Updated 2025-06-10

CVE-2023-2921 - Short Url Plugin

The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with relatively low privilege on the site, such as subscribers.

PLUGIN Short Url

CVE-2023-2921

HIGH CVSS 8.8 2025-06-06
Threat Entry Updated 2025-06-05

CVE-2025-3055 - Wp User Frontend Pro Plugin

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_avatar_ajax() function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

PLUGIN Wp User Frontend Pro

CVE-2025-3055

HIGH CVSS 8.1 2025-06-05
Threat Entry Updated 2025-06-05

CVE-2025-3054 - Wp User Frontend Pro Plugin

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Please note that this requires the 'Private Message' module to be enabled and the Business version of the PRO software to be in use.

PLUGIN Wp User Frontend Pro

CVE-2025-3054

HIGH CVSS 8.8 2025-06-05
Threat Entry Updated 2025-07-11

CVE-2025-5482 - Sunshine Photo Cart Plugin

The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. This is due to the plugin not properly validating a user-supplied key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary users' passwords through the password reset functionality, including administrators', and leverage that to reset the user's password and gain access to their account.

PLUGIN Sunshine Photo Cart

CVE-2025-5482

HIGH CVSS 8.8 2025-06-04
Threat Entry Updated 2025-06-04

CVE-2025-4392 - Shared Files Plugin

The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML file uploads in all versions up to, and including, 1.7.48 due to insufficient input sanitization and output escaping within the sanitize_file() function. This makes it possible for unauthenticated attackers to bypass the plugin’s MIME-only checks and inject arbitrary web scripts in pages that will execute whenever a user accesses the HTML file.

PLUGIN Shared Files

CVE-2025-4392

HIGH CVSS 7.2 2025-06-03
Threat Entry Updated 2025-06-04

CVE-2025-4224 - Wpforo Advanced Attachments Plugin

The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Wpforo Advanced Attachments

CVE-2025-4224

HIGH CVSS 7.2 2025-06-03