Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-10-14
CVE-2025-6553 - Ovatheme Events Manager Plugin
The Ovatheme Events Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_checkout() function in all versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
PLUGIN
Ovatheme Events Manager
CVE-2025-6553
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11518 - Wpc Smart Wishlist For Woocommerce Plugin
The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via several wishlist AJAX functions due to missing validation on a user controlled key that is exposed when wishlists are shared. This makes it possible for unauthenticated attackers to empty and add to other user's wishlists, if they have access to the key.
PLUGIN
Wpc Smart Wishlist For Woocommerce
CVE-2025-11518
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11254 - Sell With Paypal And Stripe Plugin
The Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 27.0.3 via gallery submissions. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.
PLUGIN
Sell With Paypal And Stripe
CVE-2025-11254
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11167 - Tailored Tool For Seamless Login And Invitation Based Registrations Plugin
The CM Registration – Tailored tool for seamless login and invitation-based registrations plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.5.6. This is due to insufficient validation on the redirect url supplied via the 'redirect_url' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
PLUGIN
Tailored Tool For Seamless Login And Invitation Based Registrations
CVE-2025-11167
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11533 - Wp Freeio Plugin
The WP Freeio plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.21. This is due to the process_register() function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.
PLUGIN
Wp Freeio
CVE-2025-11533
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-9496 - Enable Media Replace Plugin
The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file_modified shortcode in all versions up to, and including, 4.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Enable Media Replace
CVE-2025-9496
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-9196 - Text To Speech Ai Audio Player To Convert Content Into Audio Plugin
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data.
PLUGIN
Text To Speech Ai Audio Player To Convert Content Into Audio
CVE-2025-9196
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11197 - Draft List Plugin
The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Draft List
CVE-2025-11197
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-10185 - Nex Forms Express Wp Form Builder Plugin
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in the action nf_load_form_entries in all versions up to, and including, 9.1.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This may be exploitable by lower-level users…
PLUGIN
Nex Forms Express Wp Form Builder
CVE-2025-10185
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-10048 - My Auctions Allegro Plugin
The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 3.6.31 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
My Auctions Allegro
CVE-2025-10048
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-9560 - Colibri Page Builder Plugin
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's colibri_newsletter shortcode in all versions up to, and including, 1.0.334 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Colibri Page Builder
CVE-2025-9560
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-11380 - Cloning Plugin
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to retrieve back-up file locations that can be subsequently accessed and downloaded. This does require a back-up to be running in order for an attacker to retrieve the back-up location.
PLUGIN
Cloning
CVE-2025-11380
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-7781 - Wp Jobhunt Plugin
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘cs_job_title’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Wp Jobhunt
CVE-2025-7781
Risk Score
Threat Entry
Updated 2025-10-14
CVE-2025-7374 - Wp Jobhunt Plugin
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to authorization bypass in all versions up to, and including, 7.6. This is due to insufficient login restrictions on inactive and pending accounts. This makes it possible for authenticated attackers, with Candidate- and Employer-level access and above, to log in to the site even if their account is inactive or pending.
PLUGIN
Wp Jobhunt
CVE-2025-7374
Risk Score
Threat Entry
Updated 2025-11-13
CVE-2025-10124 - Booking Manager Plugin
The Booking Manager WordPress plugin before 2.1.15 registers a shortcode that deletes bookings and makes that shortcode available to anyone with contributor and above privileges. When a page containing the shortcode is visited, the bookings are deleted.
PLUGIN
Booking Manager
CVE-2025-10124
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-9371 - Betheme
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_title’ parameter in all versions up to, and including, 28.1.6 due to insufficient input sanitization and output escaping of theme breadcrumbs. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
THEME
Betheme
CVE-2025-9371
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-10249 - Slider Revolution Plugin
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files.
PLUGIN
Slider Revolution
CVE-2025-10249
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-10862 - And Woocommerce Triggers Plugin
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
And Woocommerce Triggers
CVE-2025-10862
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-11522 - Go Directory Wordpress Theme
The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_user() function This makes it possible for unauthenticated attackers to gain access to other user's accounts, including administrators, when Facebook login is enabled.
THEME
Go Directory Wordpress Theme
CVE-2025-11522
Risk Score
Threat Entry
Updated 2025-10-09
CVE-2025-7634 - Wp Travel Engine Plugin
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
PLUGIN
Wp Travel Engine
CVE-2025-7634
Risk Score