
Live Vulnerability Intelligence

Threat Database

CVE-2025-9191 - Houzez Theme
Theme: Houzez | Severity: MEDIUM, CVSS 6.3, 2025-11-26 | Entry updated 2025-12-01

The Houzez theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.6 via deserialization of untrusted input in saved-search-item.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target…

CVE-2025-9163 - Houzez Theme
Theme: Houzez | Severity: MEDIUM, CVSS 6.1, 2025-11-26 | Entry updated 2025-12-01

The Houzez theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.1.6 due to insufficient input sanitization and output escaping in the houzez_property_img_upload() and houzez_property_attachment_upload() functions. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

CVE-2025-13414 - Chamber Dashboard Business Directory Plugin
Plugin: Chamber Dashboard Business Directory | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data export due to a missing capability check on the cdash_watch_for_export() function in all versions up to, and including, 3.3.11. This makes it possible for unauthenticated attackers to export business directory information, including sensitive business details.

CVE-2025-13405 - Ace Post Type Builder Plugin
Plugin: Ace Post Type Builder | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The Ace Post Type Builder plugin for WordPress is vulnerable to unauthorized custom taxonomy deletion due to missing authorization validation on the cptb_delete_custom_taxonomy() function in all versions up to, and including, 1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary custom taxonomies.

CVE-2025-13404 - Atec Duplicate Page Post Plugin
Plugin: Atec Duplicate Page Post | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post duplication due to missing authorization validation on the duplicate_post() function in all versions up to, and including, 1.2.20. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate arbitrary posts, including private and password-protected posts, leading to data exposure.

CVE-2025-13389 - Admin And Client Message After Order For Woocommerce Plugin
Plugin: Admin And Client Message After Order For Woocommerce | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `get_order_by_id()` function in all versions up to, and including, 14. This makes it possible for unauthenticated attackers to view sensitive WooCommerce order details and private conversation messages between customers and store administrators for any order by supplying an arbitrary order ID.

CVE-2025-13452 - Admin And Client Message After Order For Woocommerce Plugin
Plugin: Admin And Client Message After Order For Woocommerce | Severity: MEDIUM, CVSS 4.3, 2025-11-25 | Entry updated 2025-11-25

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14. This is due to a flawed permission check in the REST API permission callback that returns true when no nonce is provided. This makes it possible for unauthenticated attackers to impersonate any WordPress user and inject arbitrary messages into any WooCommerce order conversation by directly calling the REST endpoint with controlled user_id, order_id, and context parameters.

CVE-2025-13380 - Liquid Chatgpt Plugin
Plugin: Liquid Chatgpt | Severity: MEDIUM, CVSS 6.5, 2025-11-25 | Entry updated 2025-11-25

The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1. This is due to insufficient validation of user-supplied file paths in the 'lqdai_update_post' AJAX endpoint and the use of file_get_contents() with user-controlled URLs without protocol restrictions in the insert_image() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

CVE-2025-13383 - Job Board Plugin
Plugin: Job Board | Severity: MEDIUM, CVSS 6.1, 2025-11-25 | Entry updated 2025-11-25

The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.1. This is due to the plugin storing the entire unsanitized `$_GET` superglobal array directly into the database via `update_user_meta()` when users save search results, and later outputting this data without proper escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute whenever a user accesses the saved search or views their profile, granted they can trick the user into performing the search and…

CVE-2025-13386 - Social Images Widget Plugin
Plugin: Social Images Widget | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The Social Images Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'options_update' function in all versions up to, and including, 2.1. This makes it possible for unauthenticated attackers to delete the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE-2025-13385 - Bookme Free Appointment Booking System Plugin
Plugin: Bookme Free Appointment Booking System | Severity: MEDIUM, CVSS 4.9, 2025-11-25 | Entry updated 2025-11-25

The Bookme – Free Online Appointment Booking and Scheduling Plugin for WordPress is vulnerable to time-based SQL Injection via the `filter[status]` parameter in all versions up to, and including, 4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with admin-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2025-13382 - Nmedia User File Uploader Plugin
Plugin: Nmedia User File Uploader | Severity: MEDIUM, CVSS 4.3, 2025-11-25 | Entry updated 2025-11-25

The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level access and above, to rename files uploaded by other users via the 'fileid' parameter.

CVE-2025-12645 - Inline Frame Iframe Plugin
Plugin: Inline Frame Iframe | Severity: MEDIUM, CVSS 6.4, 2025-11-25 | Entry updated 2025-11-25

The Inline frame – Iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedsite' shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-13370 - Projectlist Plugin
Plugin: Projectlist | Severity: MEDIUM, CVSS 4.9, 2025-11-25 | Entry updated 2025-11-25

The ProjectList plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 0.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2025-13311 - Just Highlight Plugin
Plugin: Just Highlight | Severity: MEDIUM, CVSS 4.4, 2025-11-25 | Entry updated 2025-11-25

The Just Highlight plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Highlight Color' setting in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the plugin's settings page.

CVE-2025-12634 - Refund Request For Woocommerce Plugin
Plugin: Refund Request For Woocommerce | Severity: MEDIUM, CVSS 4.3, 2025-11-25 | Entry updated 2025-11-25

The Refund Request for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_refund_status' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update refund statuses to approved or rejected.

CVE-2025-12525 - Locker Content Plugin
Plugin: Locker Content | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockerco_submit_post' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin.

CVE-2025-12043 - Auyautochat For Wp Plugin
Plugin: Auyautochat For Wp | Severity: MEDIUM, CVSS 5.3, 2025-11-25 | Entry updated 2025-11-25

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_nopriv_auycht_saveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to connect and disconnect the client ID.

CVE-2025-12587 - Peer Publish Plugin
Plugin: Peer Publish | Severity: MEDIUM, CVSS 4.3, 2025-11-25 | Entry updated 2025-11-25

The Peer Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the website management pages. This makes it possible for unauthenticated attackers to add, modify, or delete website configurations via a forged request granted they can trick an administrator into performing an action such as clicking on a link.

CVE-2025-12586 - Maintenance Mode Based On User Roles Plugin
Plugin: Maintenance Mode Based On User Roles | Severity: MEDIUM, CVSS 4.3, 2025-11-25 | Entry updated 2025-11-25

The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation when toggling the maintenance mode status. This makes it possible for unauthenticated attackers to enable or disable the site's maintenance mode via a forged request granted they can trick an administrator into performing an action such as clicking on a link.