Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-11-26
CVE-2025-10006 - Page Builder Plugin
The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rev_slider_vc' shortcode in all versions up to, and including, 8.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when RevSlider is also installed.
PLUGIN
Page Builder
CVE-2025-10006
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11857 - Fb2wp Integration Tools Plugin
The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mxp_fb2wp_display_embed' shortcode in all versions up to, and including, 1.9.9. This is due to the plugin not properly sanitizing user input and output of the 'post_id' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Fb2wp Integration Tools
CVE-2025-11857
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11742 - Wpc Smart Wishlist For Woocommerce Plugin
The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wishlist_quickview' AJAX action in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's wishlist data and information.
PLUGIN
Wpc Smart Wishlist For Woocommerce
CVE-2025-11742
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11738 - Media Library Assistant Plugin
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can contain sensitive information.
PLUGIN
Media Library Assistant
CVE-2025-11738
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11361 - Essential Blocks Plugin
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.7.1 via the eb_save_ai_generated_image function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
PLUGIN
Essential Blocks
CVE-2025-11361
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11378 - Avif Plugin
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixel_ajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to export and import site options.
PLUGIN
Avif
CVE-2025-11378
Risk Score
Threat Entry
Updated 2025-10-21
CVE-2025-11895 - Binary Mlm Plan Plugin
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 3.0. This is due to the bmp_user_payout_detail_of_current_user() function selecting payout records solely by id without verifying ownership. This makes it possible for authenticated attackers with the bmp_user role (often subscribers) to view other members' payout summaries via direct requests to the /bmp-account-detail/ endpoint with a crafted payout-id parameter granted they can access the shortcode output.
PLUGIN
Binary Mlm Plan
CVE-2025-11895
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10850 - Felan Framework Plugin
The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fb_ajax_login_or_register' function and in the 'google_ajax_login_or_register' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, if they registered with facebook or google social login and did not change their password.
PLUGIN
Felan Framework
CVE-2025-10850
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10742 - Truelysell Core Plugin
The Truelysell Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.8.6. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. Note: This can only be exploited unauthenticated if the attacker knows which page contains the 'truelysell_edit_staff' shortcode.
PLUGIN
Truelysell Core
CVE-2025-10742
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10706 - Classified Pro Theme
The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwp_addons_update_plugin_cb' function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins on the affected site's server which may make remote code execution possible. Note: The required nonce for the vulnerability is in the CubeWP Framework plugin.
THEME
Classified Pro
CVE-2025-10706
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10849 - Felan Framework Plugin
The Felan Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_plugin_actions' function called via an AJAX action in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to activate or deactivate arbitrary plugins.
PLUGIN
Felan Framework
CVE-2025-10849
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11814 - Ultimate Addons For Wpbakery Plugin
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to 3.21.1 (exclusive) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Ultimate Addons For Wpbakery
CVE-2025-11814
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-10700 - Usability Plugin
The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the enable_unfiltered_files_upload function. This makes it possible for unauthenticated attackers to enable unfiltered file upload and add svg files to the upload list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
PLUGIN
Usability
CVE-2025-10700
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-9967 - Orion Sms Otp Verification Plugin
The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's password to a one-time password if the attacker knows the user's phone number
PLUGIN
Orion Sms Otp Verification
CVE-2025-9967
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11722 - Accordion Panel For Category And Products Plugin
The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'categoryaccordionpanel' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
PLUGIN
Accordion Panel For Category And Products
CVE-2025-11722
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11728 - Oceanpayment Creditcard Gateway Plugin
The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the 'return_payment' and 'notice_payment' functions in all versions up to, and including, 6.0. This makes it possible for unauthenticated attackers to update WooCommerce orders to 'failed' status, and update transaction IDs.
PLUGIN
Oceanpayment Creditcard Gateway
CVE-2025-11728
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11177 - External Login Plugin
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database when a PostgreSQL or MSSQL database is configured as the external authentication database.
PLUGIN
External Login
CVE-2025-11177
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11365 - Wp Google Map Plugin
The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'google_map' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Wp Google Map
CVE-2025-11365
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11701 - Zip Attachments Plugin
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the za_create_zip_callback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to download attachments from private and password-protected posts.
PLUGIN
Zip Attachments
CVE-2025-11701
Risk Score
Threat Entry
Updated 2025-10-16
CVE-2025-11692 - Zip Attachments Plugin
The Zip Attachments plugin for WordPress is vulnerable to unauthorized loss of data due to a missing authorization and capability checks on the download.php file in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to delete arbitrary files from the current wp_upload_dir directory.
PLUGIN
Zip Attachments
CVE-2025-11692
Risk Score