CVE Alert: CVE-2024-13777
Vulnerability Summary: CVE-2024-13777 The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to PHP Object...
CVE
CVE Alert: CVE-2024-13811
Vulnerability Summary: CVE-2024-13811 The Lafka - Multi Store Burger - Pizza & Food Delivery WooCommerce Theme theme for WordPress is...
CVE Alert: CVE-2024-13779
Vulnerability Summary: CVE-2024-13779 The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to Reflected Cross-Site...
CVE Alert: CVE-2024-13839
Vulnerability Summary: CVE-2024-13839 The Staff Directory Plugin: Company Directory plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
CVE Alert: CVE-2024-5667
Vulnerability Summary: CVE-2024-5667 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library...
CVE Alert: CVE-2024-13815
Vulnerability Summary: CVE-2024-13815 The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to,...
CVE Alert: CVE-2024-13809
Vulnerability Summary: CVE-2024-13809 The Hero Slider - WordPress Slider Plugin plugin for WordPress is vulnerable to SQL Injection via several...
CVE Alert: CVE-2024-13810
Vulnerability Summary: CVE-2024-13810 The Zass - WooCommerce Theme for Handmade Artists and Artisans theme for WordPress is vulnerable to unauthorized...
CVE Alert: CVE-2025-0956
Vulnerability Summary: CVE-2025-0956 The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection in all versions...
CVE Alert: CVE-2025-25015
Vulnerability Summary: CVE-2025-25015 Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted...
CVE Alert: CVE-2025-1515
Vulnerability Summary: CVE-2025-1515 The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up...
CVE Alert: CVE-2025-0954
Vulnerability Summary: CVE-2025-0954 The WP Online Contract plugin for WordPress is vulnerable to unauthorized access due to a missing capability...
CVE Alert: CVE-2024-11153
Vulnerability Summary: CVE-2024-11153 The Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More plugin...
CVE Alert: CVE-2024-12281
Vulnerability Summary: CVE-2024-12281 The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including,...
CVE Alert: CVE-2024-11951
Vulnerability Summary: CVE-2024-11951 The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
CVE Alert: CVE-2024-13423
Vulnerability Summary: CVE-2024-13423 The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check...
CVE Alert: CVE-2024-12650
Vulnerability Summary: CVE-2024-12650 An attacker with low privileges can manipulate the requested memory size, causing the application to use an...
CVE Alert: CVE-2025-1702
Vulnerability Summary: CVE-2025-1702 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for...
CVE Alert: CVE-2024-13147
Vulnerability Summary: CVE-2024-13147 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Merkur Software B2B...
CVE Alert: CVE-2024-12097
Vulnerability Summary: CVE-2024-12097 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Boceksoft Informatics E-Travel...
CVE Alert: CVE-2024-11216
Vulnerability Summary: CVE-2024-11216 Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK...
CVE Alert: CVE-2024-13471
Vulnerability Summary: CVE-2024-13471 The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a...
CVE Alert: CVE-2025-1463
Vulnerability Summary: CVE-2025-1463 The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,...
CVE Alert: CVE-2025-23416
Vulnerability Summary: CVE-2025-23416 Path traversal may lead to arbitrary file deletion. The score without least privilege principle violation is as...
