Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total 10,866 records: Critical 0, High 0, Medium 10,866.

Showing 3501-3520 of 10866 records
CVE-2025-4220 - Xavins List Subpages Plugin
Plugin: Xavins List Subpages | Severity: MEDIUM | CVSS 6.4 | 2025-05-07 | Entry updated 2025-05-07

The Xavin's List Subpages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xls' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-4055 - Multiple Post Type Order Plugin
Plugin: Multiple Post Type Order | Severity: MEDIUM | CVSS 6.4 | 2025-05-07 | Entry updated 2025-05-07

The Multiple Post Type Order plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mpto' shortcode in all versions up to, and including, 1.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-3853 - E Commerce Plugin
Plugin: E Commerce | Severity: MEDIUM | CVSS 6.5 | 2025-05-07 | Entry updated 2025-05-07

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callback_generate_api_key() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create valid API keys on behalf of other users.

CVE-2025-3860 - Cardealerpress Plugin
Plugin: Cardealerpress | Severity: MEDIUM | CVSS 6.4 | 2025-05-07 | Entry updated 2025-05-07

The CarDealerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saleclass' parameter in all versions up to, and including, 6.7.2504.00 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-4054 - A Better Search Plugin
Plugin: A Better Search | Severity: MEDIUM | CVSS 6.1 | 2025-05-07 | Entry updated 2025-05-07

The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the highlights functionality in all versions up to, and including, 4.24.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page via the search results.

CVE-2025-3924 - Peprodev Ups Plugin
Plugin: Peprodev Ups | Severity: MEDIUM | CVSS 5.3 | 2025-05-07 | Entry updated 2025-05-07

The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access of data via its publicly exposed reset-password endpoint. The plugin looks up the 'valid_email' value based solely on a supplied username parameter, without verifying that the requester is associated with that user account. This allows unauthenticated attackers to enumerate email addresses for any user, including administrators.

CVE-2025-2821 - Search Exclude Plugin
Plugin: Search Exclude | Severity: MEDIUM | CVSS 5.3 | 2025-05-07 | Entry updated 2025-05-07

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_rest_permission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding content from search results.

CVE-2025-3851 - Smartpay Plugin
Plugin: Smartpay | Severity: MEDIUM | CVSS 4.3 | 2025-05-07 | Entry updated 2025-05-07

The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 1.1.0 to 2.7.13 via the show() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other users' data such as email address, name, and notes.

CVE-2025-3782 - Cision Block Plugin
Plugin: Cision Block | Severity: MEDIUM | CVSS 6.4 | 2025-05-06 | Entry updated 2025-05-07

The Cision Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 4.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-3281 - And User Profile Plugin
Plugin: And User Profile | Severity: MEDIUM | CVSS 5.3 | 2025-05-06 | Entry updated 2025-05-07

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the 'member_id' user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary user accounts that have registered through the plugin.

CVE-2025-4337 - Ahathat Plugin
Plugin: Ahathat | Severity: MEDIUM | CVSS 4.3 | 2025-05-06 | Entry updated 2025-05-07

The AHAthat Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. This is due to missing or incorrect nonce validation on the aha_plugin_page() function. This makes it possible for unauthenticated attackers to delete AHA pages via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

CVE-2025-3609 - Reales Wp Stpt Plugin
Plugin: Reales Wp Stpt | Severity: MEDIUM | CVSS 5.3 | 2025-05-06 | Entry updated 2025-05-07

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'reales_user_signup_form' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for unauthenticated attackers to create new user accounts, which can be leveraged with CVE-XX to achieve privilege escalation.

CVE-2024-11615 - Envolve Plugin
Plugin: Envolve | Severity: MEDIUM | CVSS 5.3 | 2025-05-05 | Entry updated 2025-05-05

The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.0 via the 'zetra_deleteLanguageFile' and 'zetra_deleteFontsFile' functions. This is due to the plugin not properly validating a file or its path prior to deleting it. This makes it possible for unauthenticated attackers to delete language files.

CVE-2025-3583 - Before 8 Plugin
Plugin: Before 8 | Severity: MEDIUM | CVSS 4.8 | 2025-05-05 | Entry updated 2025-05-07

The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE-2025-3815 - Surveyjs Plugin
Plugin: Surveyjs | Severity: MEDIUM | CVSS 6.4 | 2025-05-03 | Entry updated 2025-05-05

The SurveyJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.12.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-4199 - Abundatrade Plugin
Plugin: Abundatrade | Severity: MEDIUM | CVSS 6.1 | 2025-05-03 | Entry updated 2025-05-05

The Abundatrade Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.02. This is due to missing or incorrect nonce validation on the 'abundatrade' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

CVE-2025-4222 - Database Toolset Plugin
Plugin: Database Toolset | Severity: MEDIUM | CVSS 5.9 | 2025-05-03 | Entry updated 2025-05-13

The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.4 via backup files stored in a publicly accessible location. This makes it possible for unauthenticated attackers to extract sensitive data from database backup files. An index file is present, so a brute force attack would need to be successful in order to compromise any data.

CVE-2025-4172 - Vertical Response Newsletter Widget Plugin
Plugin: Vertical Response Newsletter Widget | Severity: MEDIUM | CVSS 6.4 | 2025-05-03 | Entry updated 2025-05-05

The VerticalResponse Newsletter Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'verticalresponse' shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-4170 - Xavins Review Ratings Plugin
Plugin: Xavins Review Ratings | Severity: MEDIUM | CVSS 6.4 | 2025-05-03 | Entry updated 2025-05-05

The Xavin's Review Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xrr' shortcode in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-4168 - Subpage View Plugin
Plugin: Subpage View | Severity: MEDIUM | CVSS 6.4 | 2025-05-03 | Entry updated 2025-05-05

The Subpage List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subpages' shortcode in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
