
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 15,036 | Critical: 923 | High: 3,047 | Medium: 10,866
Showing 2921-2940 of 15036 records
Threat Entry Updated 2025-12-04

CVE-2025-13109 - Products Filter Professional For Woocommerce Plugin

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.2 via the "woof_add_query" and "woof_remove_query" functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber level access and above, to insert or remove arbitrary saved search queries into any user's profile, including administrators.

Plugin: Products Filter Professional For Woocommerce | Severity: MEDIUM | CVSS: 4.3 | Date: 2025-12-03
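
Added example, not the HUSKY plugin's code: a hypothetical saved-search AJAX handler that shows the IDOR shape the entry describes (the target user id read from the request) beside the hardened form, which always acts on the caller and only accepts a foreign user id after an explicit authorization check. The demo_ function, hook and meta-key names are invented; the code assumes it runs inside WordPress as a plugin.

```php
<?php
// Added example, not the HUSKY plugin's code. Assumes it runs inside WordPress
// (drop into a plugin or mu-plugin). Names beginning with demo_ are invented.

// VULNERABLE shape: the target user id is a request parameter, so any logged-in
// user (Subscriber and up, via admin-ajax.php) can write into any other user's
// profile meta, including an administrator's.
function demo_save_query_vulnerable() {
    $user_id = absint( $_POST['user_id'] ?? 0 );                     // attacker-controlled key
    $query   = sanitize_text_field( wp_unslash( $_POST['query'] ?? '' ) );

    $saved   = (array) get_user_meta( $user_id, 'demo_saved_queries', true );
    $saved[] = $query;
    update_user_meta( $user_id, 'demo_saved_queries', $saved );
    wp_send_json_success( $saved );
}

// HARDENED shape: the subject is always the caller, a nonce bound to the action
// defeats CSRF, and the stored value is bounded.
function demo_save_query_hardened() {
    check_ajax_referer( 'demo_save_query', 'nonce' );                  // 403 + exit on failure
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'login required', 401 );
    }

    $user_id = get_current_user_id();                                  // never taken from the request
    $query   = sanitize_text_field( wp_unslash( $_POST['query'] ?? '' ) );
    if ( '' === $query || strlen( $query ) > 200 ) {
        wp_send_json_error( 'invalid query', 400 );
    }

    $saved = get_user_meta( $user_id, 'demo_saved_queries', true );
    $saved = is_array( $saved ) ? $saved : array();
    if ( count( $saved ) >= 50 ) {
        wp_send_json_error( 'too many saved queries', 400 );
    }
    $saved[] = $query;
    $saved   = array_values( array_unique( $saved ) );
    update_user_meta( $user_id, 'demo_saved_queries', $saved );
    wp_send_json_success( $saved );
}

// Removal follows the same rule: the key identifies an entry in the caller's
// own list, never a user.
function demo_remove_query_hardened() {
    check_ajax_referer( 'demo_save_query', 'nonce' );
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'login required', 401 );
    }
    $user_id = get_current_user_id();
    $saved   = get_user_meta( $user_id, 'demo_saved_queries', true );
    $saved   = is_array( $saved ) ? $saved : array();
    if ( ! isset( $_POST['index'] ) || ! isset( $saved[ absint( $_POST['index'] ) ] ) ) {
        wp_send_json_error( 'no such entry', 404 );
    }
    unset( $saved[ absint( $_POST['index'] ) ] );
    $saved = array_values( $saved );
    update_user_meta( $user_id, 'demo_saved_queries', $saved );
    wp_send_json_success( $saved );
}

// Only when a privileged user legitimately edits someone else's list should a
// user id be accepted at all, and then it must be authorized, not just validated.
function demo_resolve_target_user() {
    $requested = absint( $_POST['user_id'] ?? 0 );
    if ( $requested && $requested !== get_current_user_id() ) {
        if ( ! current_user_can( 'edit_user', $requested ) ) {
            wp_send_json_error( 'forbidden', 403 );
        }
        return $requested;
    }
    return get_current_user_id();
}

add_action( 'wp_ajax_demo_save_query',   'demo_save_query_hardened' );
add_action( 'wp_ajax_demo_remove_query', 'demo_remove_query_hardened' );
// The page obtains the nonce with wp_create_nonce( 'demo_save_query' ) and posts it as 'nonce'.
```

The check that matters is the one on the subject of the write: validating that user_id is a number (absint) does nothing here, because the attacker is allowed to supply any valid number.
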
Threat Entry Updated 2025-12-04

CVE-2025-12358 - Shopengine Elementor Woocommerce Builder Addon Plugin

The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation on the "post_add_to_list" function as well as an incorrect permissions callback in the "Api/init" function. This makes it possible for unauthenticated attackers to add or remove products from a user's wishlist via a forged request, provided they can trick a site's user into performing an action such as clicking on a link.

Plugin: ShopEngine Elementor WooCommerce Builder Addon | Severity: MEDIUM | CVSS: 4.3 | Date: 2025-12-03
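
Added example, not ShopEngine's code: a hypothetical wishlist endpoint showing both defects the entry names, an always-true REST permission callback and an admin-ajax handler with no nonce, next to the corrected versions. The 'demo/v1' namespace, hooks, meta keys and demo_ functions are invented; the code assumes it runs inside WordPress as a plugin on a site where 'product' is the WooCommerce post type.

```php
<?php
// Added example, not ShopEngine's code. Assumes it runs inside WordPress as a
// plugin; the 'demo/v1' namespace, routes, hooks and meta keys are invented.

function demo_wishlist_store( int $user_id, int $product_id ): array {
    $list = get_user_meta( $user_id, 'demo_wishlist', true );
    $list = is_array( $list ) ? $list : array();
    if ( ! in_array( $product_id, $list, true ) ) {
        $list[] = $product_id;
        update_user_meta( $user_id, 'demo_wishlist', $list );
    }
    return $list;
}

// WEAK: an always-true permission callback exposes a state-changing route to
// everyone, and nothing ties the request to the victim's session, so a forged
// request from another origin performs the action.
function demo_register_wishlist_route_weak() {
    register_rest_route( 'demo/v1', '/wishlist', array(
        'methods'             => WP_REST_Server::ALLMETHODS,
        'callback'            => 'demo_wishlist_add',
        'permission_callback' => '__return_true',    // the "incorrect permissions callback"
    ) );
}

// CORRECTED: POST only, caller must be authenticated, and cookie-authenticated
// REST calls must carry a valid nonce (X-WP-Nonce header or _wpnonce). WordPress
// evaluates that nonce while determining the current user: a cookie request
// without one is treated as unauthenticated, so is_user_logged_in() fails.
function demo_register_wishlist_route() {
    register_rest_route( 'demo/v1', '/wishlist', array(
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'demo_wishlist_add',
        'permission_callback' => function () {
            if ( ! is_user_logged_in() ) {
                return new WP_Error( 'rest_forbidden', 'Login required', array( 'status' => 401 ) );
            }
            return current_user_can( 'read' );
        },
        'args' => array(
            'product_id' => array(
                'required'          => true,
                'type'              => 'integer',
                'sanitize_callback' => 'absint',
                'validate_callback' => function ( $value ) {
                    return (int) $value > 0 && 'product' === get_post_type( (int) $value );
                },
            ),
        ),
    ) );
}

function demo_wishlist_add( WP_REST_Request $request ) {
    $list = demo_wishlist_store( get_current_user_id(), (int) $request->get_param( 'product_id' ) );
    return rest_ensure_response( array( 'wishlist' => $list ) );
}
add_action( 'rest_api_init', 'demo_register_wishlist_route' );

// Same rule on the admin-ajax path: verify a nonce bound to this action before
// touching state. The page obtains it with wp_create_nonce( 'demo_wishlist' ).
function demo_ajax_wishlist_add() {
    check_ajax_referer( 'demo_wishlist', 'nonce' );      // 403 + exit on a forged request
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'login required', 401 );
    }
    $product_id = absint( $_POST['product_id'] ?? 0 );
    if ( ! $product_id || 'product' !== get_post_type( $product_id ) ) {
        wp_send_json_error( 'invalid product', 400 );
    }
    wp_send_json_success( demo_wishlist_store( get_current_user_id(), $product_id ) );
}
add_action( 'wp_ajax_demo_wishlist_add', 'demo_ajax_wishlist_add' );
```

A quick check when auditing a plugin: grep for permission_callback => '__return_true' and for wp_ajax_ handlers that never call check_ajax_referer() or wp_verify_nonce(); any such handler that changes state is a CSRF candidate.
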
Threat Entry Updated 2025-12-04

CVE-2025-13486 - Advanced Custom Fields: Extended Plugin

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes it possible for unauthenticated attackers to execute arbitrary code on the server, which can be leveraged to inject backdoors or create new administrative user accounts.

Plugin: Advanced Custom Fields: Extended | Severity: CRITICAL | CVSS: 9.8 | Date: 2025-12-03
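
Added example of the bug class, not the ACF Extended plugin's code: a request-driven dispatcher that passes a user-supplied callable to call_user_func_array(), beside a hardened dispatcher where the request can only select a key in a fixed handler map. Plain PHP with the requests constructed inline; the FormActions class and its handlers are invented for this illustration.

```php
<?php
// Added example of the bug class, not the ACF Extended plugin's code. Plain PHP,
// runs from the CLI (php dispatch.php); the "requests" are constructed inline.

// VULNERABLE pattern: the request names the callable. Any function or static
// method PHP can resolve by name is reachable with attacker-chosen arguments,
// which is how a form handler becomes unauthenticated remote code execution.
function dispatch_vulnerable( array $request ) {
    $callable = $request['callback'];         // e.g. "system" or "file_put_contents"
    $args     = $request['args'] ?? array();
    return call_user_func_array( $callable, $args );
}

// HARDENED pattern: the request supplies a key, a fixed map supplies the code,
// and each handler receives validated arguments of fixed type and arity.
final class FormActions {
    private const HANDLERS = array(
        'uppercase' => 'uppercase',
        'length'    => 'length',
    );

    public static function uppercase( string $s ): string { return strtoupper( $s ); }
    public static function length( string $s ): int { return strlen( $s ); }

    public static function dispatch( array $request ) {
        $key = $request['action'] ?? '';
        if ( ! is_string( $key ) || ! array_key_exists( $key, self::HANDLERS ) ) {
            throw new InvalidArgumentException( 'unknown action' );
        }
        $value = $request['value'] ?? '';
        if ( ! is_string( $value ) || strlen( $value ) > 1024 ) {
            throw new InvalidArgumentException( 'invalid value' );
        }
        // The callable is built from the map, never from the request.
        return call_user_func( array( self::class, self::HANDLERS[ $key ] ), $value );
    }
}

// Demonstration. The hostile request is shown but deliberately not passed to
// dispatch_vulnerable(): doing so would run `id` on this machine.
$hostile = array( 'callback' => 'system', 'args' => array( 'id' ) );
printf( "vulnerable dispatcher would call %s(%s)\n", $hostile['callback'], implode( ', ', $hostile['args'] ) );

echo FormActions::dispatch( array( 'action' => 'uppercase', 'value' => 'hello' ) ), "\n";
echo FormActions::dispatch( array( 'action' => 'length', 'value' => 'hello' ) ), "\n";
try {
    FormActions::dispatch( array( 'action' => 'system', 'value' => 'id' ) );
} catch ( InvalidArgumentException $e ) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

Note that is_callable() is not a fix: "system" is callable. The only safe shape is one where the set of reachable functions is closed at authoring time.
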
Threat Entry Updated 2025-12-04

CVE-2025-12585 - Mxchat Basic Plugin

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 because session values are exposed through upload filenames. This makes it possible for unauthenticated attackers to extract those session values and use them to access conversation data.

Plugin: MxChat – AI Chatbot for WordPress (Mxchat Basic) | Severity: MEDIUM | CVSS: 5.3 | Date: 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-13495 - Fluent Cart Plugin

The FluentCart plugin for WordPress is vulnerable to SQL Injection via the 'groupKey' parameter in all versions up to, and including, 1.3.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: FluentCart | Severity: MEDIUM | CVSS: 4.9 | Date: 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-10304 - Everest Backup Plugin

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the process_status_unlink() function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticated attackers to delete the back-up progress files and cause a back-up to fail while it is in progress.

Plugin: Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Severity: MEDIUM | CVSS: 5.3 | Date: 2025-12-03
Threat Entry Updated 2025-12-15

CVE-2025-13646 - Modula Image Gallery Plugin

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files to the affected site's server, subject to winning a race condition, which may make remote code execution possible.

Plugin: Modula Image Gallery | Severity: HIGH | CVSS: 7.5 | Date: 2025-12-03
Threat Entry Updated 2025-12-15

CVE-2025-13645 - Modula Image Gallery Plugin

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php, whose removal drops the site back into the installer and lets an attacker point it at a database they control).

Plugin: Modula Image Gallery | Severity: HIGH | CVSS: 7.2 | Date: 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-13448 - Cssigniter Shortcodes Plugin

The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' shortcode attribute in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Plugin: CSSIgniter Shortcodes | Severity: MEDIUM | CVSS: 6.4 | Date: 2025-12-03
Threat Entry Updated 2025-12-04

CVE-2025-13542 - Designthemes Lms Plugin

The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.4. This is due to the 'dtlms_register_user_front_end' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.

Plugin: DesignThemes LMS | Severity: CRITICAL | CVSS: 9.8 | Date: 2025-12-02
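
Added example, not DesignThemes LMS code: a front-end registration handler in the vulnerable shape (the role copied from a form field) beside a hardened one where the role is a server-side decision taken from a closed map of public account types. Hook names, form field names and the demo_ functions are invented; the code assumes it runs inside WordPress as a plugin.

```php
<?php
// Added example, not DesignThemes LMS code. Assumes it runs inside WordPress as
// a plugin; hook names, field names and the demo_ functions are invented.

// VULNERABLE shape: the role is a form field. An unauthenticated visitor posts
// role=administrator and gets an administrator account.
function demo_register_vulnerable() {
    $user_id = wp_create_user( $_POST['username'], $_POST['password'], $_POST['email'] );
    if ( ! is_wp_error( $user_id ) ) {
        $user = new WP_User( $user_id );
        $user->set_role( $_POST['role'] );        // attacker chooses the role
    }
}

// HARDENED shape: the role is decided server-side from a fixed map of public
// account types; nothing the visitor sends can name a WordPress role directly.
function demo_register_hardened() {
    if ( ! get_option( 'users_can_register' ) ) {
        wp_die( 'Registration is closed.', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'demo_register', 'demo_nonce' );      // nonce from wp_nonce_field( 'demo_register', 'demo_nonce' )

    $username = sanitize_user( wp_unslash( $_POST['username'] ?? '' ), true );
    $email    = sanitize_email( wp_unslash( $_POST['email'] ?? '' ) );
    $password = (string) ( $_POST['password'] ?? '' );
    if ( ! validate_username( $username ) || ! is_email( $email ) || strlen( $password ) < 12 ) {
        wp_die( 'Invalid registration data.', '', array( 'response' => 400 ) );
    }

    $public_roles = array(
        'student'    => 'subscriber',
        'instructor' => 'contributor',     // still needs an admin to promote further
    );
    $choice = sanitize_key( $_POST['account_type'] ?? 'student' );
    $role   = $public_roles[ $choice ] ?? 'subscriber';        // unknown choice falls to least privilege

    $user_id = wp_insert_user( array(
        'user_login' => $username,
        'user_email' => $email,
        'user_pass'  => $password,
        'role'       => $role,
    ) );
    if ( is_wp_error( $user_id ) ) {
        wp_die( esc_html( $user_id->get_error_message() ), '', array( 'response' => 400 ) );
    }
    wp_safe_redirect( wp_login_url() );
    exit;
}
add_action( 'admin_post_nopriv_demo_register', 'demo_register_hardened' );
add_action( 'admin_post_demo_register',        'demo_register_hardened' );
// The form posts to admin-post.php with a hidden action=demo_register field.
```

When reviewing a registration handler, the question is not whether the role value is sanitized but whether it exists in the request at all; a sanitized 'administrator' is still 'administrator'.
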
Threat Entry Updated 2025-12-02

CVE-2025-12630 - Upload.am Plugin

The Upload.am WordPress plugin before 1.0.1 is vulnerable to arbitrary option disclosure due to a missing capability check on its AJAX request handler, allowing low-privileged users such as Contributors to view site options.

Plugin: Upload.am | Severity: MEDIUM | CVSS: 4.9 | Date: 2025-12-02
Threat Entry Updated 2025-12-02

CVE-2025-13731 - Nexter Extension Plugin

The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'nxt-year' shortcode in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Plugin: Nexter Extension – Site Enhancements Toolkit | Severity: MEDIUM | CVSS: 6.4 | Date: 2025-12-02
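
Added example serving the two stored-XSS-via-shortcode entries on this page (CSSIgniter Shortcodes 'element' attribute, CVE-2025-13448, and the Nexter 'nxt-year' shortcode, CVE-2025-13731), not either plugin's code: a hypothetical [demo_box] shortcode that interpolates its attributes unescaped, beside the hardened version that allowlists the tag name and escapes each attribute for the context it lands in. It assumes it runs inside WordPress as a plugin.

```php
<?php
// Added example, not the CSSIgniter Shortcodes or Nexter Extension code. A
// hypothetical [demo_box] shortcode; assumes it runs inside WordPress as a plugin.
// Contributors may place shortcodes in posts but lack unfiltered_html, so every
// attribute must be treated as untrusted and escaped for the context it lands in.

// VULNERABLE: attributes interpolated into markup unescaped. A contributor's
// [demo_box_vuln element="div onmouseover=alert(1)" url="javascript:alert(1)"]
// becomes markup that runs in every reader's browser, including an administrator's.
function demo_box_vulnerable( $atts ) {
    $atts = shortcode_atts( array( 'element' => 'div', 'title' => '', 'url' => '' ), $atts );
    return "<{$atts['element']} class=\"demo-box\"><a href=\"{$atts['url']}\">{$atts['title']}</a></{$atts['element']}>";
}

// HARDENED: tag names come from an allowlist (there is no "escape" for a tag
// name), text is escaped for a text node, and URLs go through esc_url(), which
// drops disallowed schemes such as javascript: and encodes the rest for an attribute.
function demo_box_hardened( $atts ) {
    $atts = shortcode_atts( array( 'element' => 'div', 'title' => '', 'url' => '' ), $atts, 'demo_box' );

    $allowed_elements = array( 'div', 'section', 'span', 'p' );
    $requested        = strtolower( $atts['element'] );
    $element          = in_array( $requested, $allowed_elements, true ) ? $requested : 'div';

    $title = esc_html( $atts['title'] );
    $url   = esc_url( $atts['url'] );            // '' when the scheme is not allowed

    $inner = '' !== $url ? sprintf( '<a href="%s">%s</a>', $url, $title ) : $title;
    return sprintf( '<%1$s class="demo-box">%2$s</%1$s>', $element, $inner );
}
add_shortcode( 'demo_box', 'demo_box_hardened' );
```

The 'element' case is the instructive one: sanitize_text_field() would not help, because a tag name is not text and cannot be escaped into safety; it has to be chosen from a fixed set.
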
Threat Entry Updated 2025-12-02

CVE-2025-13090 - Wp Directory Kit Plugin

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'search' parameter in all versions up to, and including, 1.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: WP Directory Kit | Severity: MEDIUM | CVSS: 4.9 | Date: 2025-12-02
Threat Entry Updated 2025-12-02

CVE-2025-13516 - SureMail – SMTP and Email Logs Plugin

The SureMail – SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's save_file() function in inc/emails/handler/uploads.php which duplicates all email attachments to a web-accessible directory (wp-content/uploads/suremails/attachments/) without validating file extensions or content types. Files are saved with predictable names derived from MD5 hashes of their content. While the plugin attempts to protect this directory with an Apache .htaccess file to disable PHP execution, this protection is ineffective on nginx,…

Plugin: SureMail – SMTP and Email Logs | Severity: HIGH | CVSS: 8.1 | Date: 2025-12-02
Threat Entry Updated 2025-12-02

CVE-2025-13724 - Vikrentcar Car Rental Management System Plugin

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: VikRentCar Car Rental Management System | Severity: HIGH | CVSS: 7.5 | Date: 2025-12-02
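
Added example for the fix pattern behind the three SQL injection entries on this page (FluentCart 'groupKey', CVE-2025-13495; WP Directory Kit 'search', CVE-2025-13090; VikRentCar 'month', CVE-2025-13724), not any of those plugins' code: a reporting query in the vulnerable concatenated form beside one that uses $wpdb->prepare() for values and an allowlist for the GROUP BY identifier, which a placeholder cannot protect. The table and column names are invented; the code assumes it runs inside WordPress, where $wpdb is available.

```php
<?php
// Added example for the fix pattern behind the SQL injection entries on this
// page. It is not those plugins' code; the table and column names are invented.
// Assumes it runs inside WordPress, where $wpdb is available.

// VULNERABLE: request values concatenated into the query. The Administrator
// requirement does not make this safe: an admin session can be driven by CSRF
// or stolen, and a time-based blind payload such as month=1 AND SLEEP(5)
// reads the database one bit at a time without any visible output.
function demo_report_vulnerable( $group_key, $month, $search ) {
    global $wpdb;
    $table = $wpdb->prefix . 'demo_orders';
    $sql   = "SELECT {$group_key} AS group_value, COUNT(*) AS n FROM {$table}
              WHERE MONTH(created_at) = {$month} AND customer LIKE '%{$search}%'
              GROUP BY {$group_key}";
    return $wpdb->get_results( $sql );
}

// HARDENED: values travel through prepare() placeholders. Identifiers (a GROUP
// BY column) cannot be parameterised, so the request picks a key from an
// allowlist and the allowlist supplies the column. (WordPress 6.2+ also offers
// the %i placeholder, which quotes an identifier but does not restrict it.)
function demo_report_hardened( $group_key, $month, $search ) {
    global $wpdb;
    $table = $wpdb->prefix . 'demo_orders';

    $group_columns = array( 'status' => 'status', 'region' => 'region', 'currency' => 'currency' );
    if ( ! is_string( $group_key ) || ! isset( $group_columns[ $group_key ] ) ) {
        return new WP_Error( 'bad_group', 'Unknown group key' );
    }
    $column = $group_columns[ $group_key ];

    $month = absint( $month );
    if ( $month < 1 || $month > 12 ) {
        return new WP_Error( 'bad_month', 'Month must be 1-12' );
    }

    // LIKE wildcards are escaped separately from SQL string quoting.
    $like = '%' . $wpdb->esc_like( sanitize_text_field( (string) $search ) ) . '%';

    $sql = $wpdb->prepare(
        "SELECT {$column} AS group_value, COUNT(*) AS n
         FROM {$table}
         WHERE MONTH(created_at) = %d AND customer LIKE %s
         GROUP BY {$column}",
        $month,
        $like
    );
    return $wpdb->get_results( $sql );
}

// Typical call site: an admin-only AJAX action that still uses the hardened query.
function demo_report_ajax() {
    check_ajax_referer( 'demo_report', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $rows = demo_report_hardened(
        $_GET['groupKey'] ?? '',
        $_GET['month'] ?? 0,
        $_GET['search'] ?? ''
    );
    if ( is_wp_error( $rows ) ) {
        wp_send_json_error( $rows->get_error_message(), 400 );
    }
    wp_send_json_success( $rows );
}
add_action( 'wp_ajax_demo_report', 'demo_report_ajax' );
```

The detection-side check for the blind case in the VikRentCar entry is cheap: a request whose 'month' parameter contains SLEEP, BENCHMARK or a conditional expression, or a burst of near-identical requests whose response times cluster at a fixed delay, is the signature to alert on.
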
Threat Entry Updated 2025-12-04

CVE-2025-13534 - WSDesk (ELEX WordPress HelpDesk &amp; Customer Ticketing System) Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.2. This is due to missing authorization checks on the eh_crm_edit_agent AJAX action. This makes it possible for authenticated attackers, with Contributor-level access and above, to escalate their WSDesk privileges from limited "Reply Tickets" permissions to full helpdesk administrator capabilities, gaining unauthorized access to ticket management, settings configuration, agent administration, and sensitive customer data.

Plugin: WSDesk – ELEX WordPress HelpDesk & Customer Ticketing System | Severity: MEDIUM | CVSS: 6.3 | Date: 2025-12-02
Threat Entry Updated 2025-12-02

CVE-2025-13696 - Zigaform Calculator Cost Estimation Form Builder Lite Plugin

The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. This makes it possible for unauthenticated attackers to extract sensitive form submission data including personal information, payment details, and other private data via the rocket_front_payment_seesummary action by enumerating sequential form_r_id values.

Plugin: Zigaform Calculator Cost Estimation Form Builder Lite | Severity: MEDIUM | CVSS: 5.3 | Date: 2025-12-02
Threat Entry Updated 2025-12-11

CVE-2025-11726 - Beaver Builder Plugin

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.9.4. This is due to insufficient capability checks in the REST API endpoints under the 'fl-controls/v1' namespace that control site-wide Global Presets. This makes it possible for authenticated attackers with contributor-level access and above to add, modify, or delete global color and background presets that affect all Beaver Builder content site-wide.

Plugin: Beaver Builder – WordPress Page Builder | Severity: MEDIUM | CVSS: 4.3 | Date: 2025-12-02
Threat Entry Updated 2025-12-02

CVE-2025-13007 - Wp Social Reviews Plugin

The WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping on externally-sourced content. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, provided they can post malicious content to a connected Google Business Profile or Facebook page.

Plugin: WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets (Wp Social Reviews) | Severity: MEDIUM | CVSS: 6.1 | Date: 2025-12-02