
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 15,036
Critical: 923
High: 3,047
Medium: 10,866
Showing 2901-2920 of 15036 records
Threat Entry Updated 2025-12-08

CVE-2025-13313 - Crm Memberships Plugin

The CRM Memberships plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 2.5. This is due to missing authorization and authentication checks on the `ntzcrm_changepassword` AJAX action. This makes it possible for unauthenticated attackers to reset arbitrary user passwords and gain unauthorized access to user accounts via the `ntzcrm_changepassword` endpoint, granted they can obtain or enumerate a target user's email address. The plugin also exposes the `ntzcrm_get_users` endpoint without authentication, allowing attackers to enumerate subscriber email addresses, facilitating the exploitation of…

PLUGIN Crm Memberships

CVE-2025-13313

CRITICAL CVSS 9.8 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-13312 - Crm Memberships Plugin

The CRM Memberships plugin for WordPress is vulnerable to unauthorized membership tag creation due to a missing capability check on the 'ntzcrm_add_new_tag' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to create arbitrary membership tags and modify CRM configuration that should be restricted to administrators.

PLUGIN Crm Memberships

CVE-2025-13312

MEDIUM CVSS 5.3 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-13006 - Surveyfunnel Lite Plugin

The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via several unprotected /wp-json/surveyfunnel/v2/ REST API endpoints. This makes it possible for unauthenticated attackers to extract sensitive data from survey responses.

PLUGIN Surveyfunnel Lite

CVE-2025-13006

MEDIUM CVSS 5.3 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-12417 - Surveyfunnel Lite Plugin

The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'surveyfunnel_lite_survey' shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Surveyfunnel Lite

CVE-2025-12417

MEDIUM CVSS 6.4 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-13066 - Demo Importer Plus Plugin

The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.0.6. This is due to insufficient file type validation when detecting WXR files, which allows files with a double extension to bypass sanitization while still being accepted as a valid WXR file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible.

PLUGIN Demo Importer Plus

CVE-2025-13066

HIGH CVSS 8.8 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-12804 - Booking Calendar Plugin

The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'bookingcalendar' shortcode in all versions up to, and including, 10.14.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Booking Calendar

CVE-2025-12804

MEDIUM CVSS 6.4 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-11759 - Restore And Migrate Your Sites With Xcloner Plugin

The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the Xcloner_Remote_Storage:save() function. This makes it possible for unauthenticated attackers to add or modify an FTP backup configuration via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Successful exploitation allows an attacker to set an attacker-controlled FTP site for backup storage and…

PLUGIN Restore And Migrate Your Sites With Xcloner

CVE-2025-11759

MEDIUM CVSS 4.3 2025-12-05
Threat Entry Updated 2025-12-08

CVE-2025-13543 - Postgallery Plugin

The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Postgallery

CVE-2025-13543

HIGH CVSS 8.8 2025-12-04
Threat Entry Updated 2025-12-04

CVE-2025-12826 - Custom Post Type Ui Plugin

The Custom Post Type UI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.18.0. This is due to the plugin not verifying that a user has the required capability to perform actions in the "cptui_process_post_type" function. This makes it possible for authenticated attackers, with subscriber level access and above, to add, edit, or delete custom post types in limited situations.

PLUGIN Custom Post Type Ui

CVE-2025-12826

MEDIUM CVSS 4.8 2025-12-04
Threat Entry Updated 2025-12-11

CVE-2025-12782 - Beaver Builder Plugin

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable() function. This makes it possible for authenticated attackers, with contributor level access and above, to disable the Beaver Builder layout on arbitrary posts and pages, causing content integrity issues and layout disruption on those pages.

PLUGIN Beaver Builder

CVE-2025-12782

MEDIUM CVSS 4.3 2025-12-04
Threat Entry Updated 2025-12-04

CVE-2025-13513 - Clik Stats Plugin

The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PLUGIN Clik Stats

CVE-2025-13513

MEDIUM CVSS 6.1 2025-12-04
Threat Entry Updated 2025-12-04

CVE-2025-11727 - Codistoconnect Plugin

The Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration – Powered by Codisto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sync() function in all versions up to, and including, 1.3.65 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Codistoconnect

CVE-2025-11727

HIGH CVSS 7.2 2025-12-04
Threat Entry Updated 2025-12-04

CVE-2025-11379 - Webp Express Plugin

The WebP Express plugin for WordPress is vulnerable to information exposure via config files in all versions up to, and including, 0.25.9. This is due to the plugin not properly randomizing the name of the config file to prevent direct access on NGINX. This makes it possible for unauthenticated attackers to extract configuration data.

PLUGIN Webp Express

CVE-2025-11379

MEDIUM CVSS 5.3 2025-12-04
Threat Entry Updated 2025-12-16

CVE-2025-13390 - Wp Directory Kit Plugin

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.

PLUGIN Wp Directory Kit

CVE-2025-13390

CRITICAL CVSS 10.0 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-13401 - Autoptimize Plugin

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "create_img_preload_tag" function. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Autoptimize

CVE-2025-13401

MEDIUM CVSS 6.4 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-13756 - Fluent Booking Plugin

The Fluent Booking plugin for WordPress is vulnerable to unauthorized calendar import and management due to a missing capability check on the "importCalendar" function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with subscriber level access and above, to import arbitrary calendars and manage them.

PLUGIN Fluent Booking

CVE-2025-13756

MEDIUM CVSS 4.3 2025-12-03
Threat Entry Updated 2025-12-05

CVE-2025-13359 - Taxopress Plugin

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based SQL Injection via the "getTermsForAjax" function in all versions up to, and including, 3.40.1. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database granted they have metabox…

PLUGIN Taxopress

CVE-2025-13359

MEDIUM CVSS 6.5 2025-12-03
Threat Entry Updated 2025-12-05

CVE-2025-13354 - Taxopress Plugin

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the "taxopress_merge_terms_batch" function. This makes it possible for authenticated attackers, with subscriber level access and above, to merge or delete arbitrary taxonomy terms.

PLUGIN Taxopress

CVE-2025-13354

MEDIUM CVSS 4.3 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-13342 - Frontend Admin By Dynamiapps Plugin

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run() save handler. This makes it possible for unauthenticated attackers to modify critical WordPress options such as users_can_register, default_role, and admin_email via submitting crafted form data to public frontend forms.

PLUGIN Frontend Admin By Dynamiapps

CVE-2025-13342

CRITICAL CVSS 9.8 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-12887 - Post Smtp Plugin

The Post SMTP plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.1. This is due to the plugin not properly verifying that a user is authorized to update OAuth tokens on the 'handle_gmail_oauth_redirect' function. This makes it possible for authenticated attackers, with subscriber level access and above, to inject invalid or attacker-controlled OAuth credentials.

PLUGIN Post Smtp

CVE-2025-12887

MEDIUM CVSS 5.4 2025-12-03