Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-11-12
CVE-2025-11980 - Quick Featured Images Plugin
The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'delete_orphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database, granted they can convince an author-level user or higher to add a malicious custom field…
PLUGIN
Quick Featured Images
CVE-2025-11980
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-11448 - Envira Photo Gallery Plugin
The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for authenticated attackers, with contributor-level access and above, to convert galleries to Envira galleries.
PLUGIN
Envira Photo Gallery
CVE-2025-11448
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12098 - Wordpress Lms Plugin For Complete Elearning Solution
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.8 via the 'enqueue_social_login_script' function. This makes it possible for unauthenticated attackers to extract sensitive data including the Facebook App Secret if Facebook Social Login is enabled.
PLUGIN
Wordpress Lms Plugin For Complete Elearning Solution
CVE-2025-12098
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12621 - Flexible Refund And Return Order For Woocommerce Plugin
The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on the 'create_refund' function in all versions up to, and including, 1.0.42. This makes it possible for authenticated attackers, with Contributor-level access and above, to update the status of refund requests, including approving and refusing refunds.
PLUGIN
Flexible Refund And Return Order For Woocommerce
CVE-2025-12621
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12498 - Bookings And Tickets Plugin
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized booking note creation due to a missing capability check on the 'booking_add_notes' function in all versions up to, and including, 4.2.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add a note to the backend view of any booking.
PLUGIN
Bookings And Tickets
CVE-2025-12498
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-7663 - Ovatheme Events Manager Plugin
The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /class-ovaem-ajax.php file in all versions up to, and including, 1.8.6. This makes it possible for unauthenticated attackers to delete ticket files, download tickets, and more.
PLUGIN
Ovatheme Events Manager
CVE-2025-7663
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12193 - Mang Board Wp Plugin
The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mp' parameter in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
PLUGIN
Mang Board Wp
CVE-2025-12193
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12353 - Funnel Builder For Wordpress And Woocommerce To Collect Leads And Increase Sales Plugin
The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And Increase Sales plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 3.6.2. This is due to the plugin relying on a user controlled value 'optin_allow_registration' to determine if user registration is allowed, instead of the site-specific setting. This makes it possible for unauthenticated attackers to register new user accounts, even when user registration is disabled.
PLUGIN
Funnel Builder For Wordpress And Woocommerce To Collect Leads And Increase Sales
CVE-2025-12353
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12177 - Download Manager Plugin
The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired() and clearTempDataCPCron() functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs leading to deletion of expired posts and clearing cache.
PLUGIN
Download Manager
CVE-2025-12177
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12112 - Ht Script Plugin
The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via adding scripts in all versions up to, and including, 1.1.6 due to insufficient capability checks. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Ht Script
CVE-2025-12112
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12064 - Wp2social Auto Publish Plugin
The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
PLUGIN
Wp2social Auto Publish
CVE-2025-12064
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12125 - Simple Wordpress Forms Plugin
The HTML Forms – Simple WordPress Forms Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
PLUGIN
Simple Wordpress Forms
CVE-2025-12125
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12167 - Contact Form 7 Aweber Extension Plugin
The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_aweber_logreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the AWeber logs.
PLUGIN
Contact Form 7 Aweber Extension
CVE-2025-12167
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12000 - Wpfunnels Plugin
The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpfnl_delete_log() function in all versions up to, and including, 3.6.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
PLUGIN
Wpfunnels
CVE-2025-12000
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12042 - Course Booking System Plugin
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an export of all booking data.
PLUGIN
Course Booking System
CVE-2025-12042
Risk Score
Threat Entry
Updated 2025-11-28
CVE-2025-11972 - Simple Tags Plugin
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to SQL Injection via the 'post_types' parameter in all versions up to, and including, 3.40.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Simple Tags
CVE-2025-11972
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-11748 - Groups Plugin
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'group_id' parameter of the group_join function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to register for groups other than ones set in the shortcode.
PLUGIN
Groups
CVE-2025-11748
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12583 - Simple Downloads List Plugin
The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_neofix_sdl_edit' AJAX endpoint along with many others in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to alter many of the plugin's settings/downloads and inject malicious web scripts.
PLUGIN
Simple Downloads List
CVE-2025-12583
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12527 - Page Post Notes Plugin
The Page & Post Notes plugin for WordPress is vulnerable to unauthorized modification of notes due to a missing capability check on the 'yydev_notes_save_dashboard_data' function in all versions up to, and including, 1.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify notes.
PLUGIN
Page Post Notes
CVE-2025-12527
Risk Score
Threat Entry
Updated 2025-11-12
CVE-2025-12520 - Wp Airbnb Review Slider Plugin
The WP Airbnb Review Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.2 due to insufficient URL validation that allows users to pull in a malicious HTML file. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
PLUGIN
Wp Airbnb Review Slider
CVE-2025-12520
Risk Score