WP Security
WWordPress Vulnerability Database

Stored XSS in AzureCurve BBCode Plugin(CVE20258398)

  • September 11, 2025
WordPress azurecurve BBCode plugin <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Shortcode vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert ThemeLoom Widgets XSS(CVE20259861)

  • September 11, 2025
WordPress ThemeLoom Widgets plugin <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

HK Security Advisory Certifica Stored XSS(CVE20258316)

  • September 11, 2025
WordPress Certifica WP plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via evento Parameter vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert Elementor Addons XSS(CVE20258215)

  • September 11, 2025
WordPress Responsive Addons for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Advisory CatFolders SQL Injection(CVE20259776)

  • September 11, 2025
WordPress CatFolders plugin <= 2.5.2 - Authenticated (Author+) SQL Injection via CSV Import vulnerability
Read More
WWordPress Vulnerability Database

HK Security NGO Alert PagBank PagSeguro SQL(CVE202510142)

  • September 10, 2025
WordPress PagBank / PagSeguro Connect plugin <= 4.44.3 - Authenticated (Shop Manager+) SQL Injection vulnerability
Read More
WWordPress Vulnerability Database

Community Security Advisory PeachPay SQL Injection(CVE20259463)

  • September 10, 2025
WordPress PeachPay Payments plugin <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter vulnerability
Read More
WWordPress Vulnerability Database

Protect Users from Accessibility Plugin Access Risk(CVE202558976)

  • September 9, 2025
WordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control Vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security NGO Warns Welcart XSS Risk(CVE202558984)

  • September 9, 2025
WordPress Welcart e-Commerce Plugin <= 2.11.20 - Cross Site Scripting (XSS) Vulnerability
Read More
WWordPress Vulnerability Database

Public Advisory Include Me Plugin XSS Risk(CVE202558983)

  • September 9, 2025
WordPress Include Me Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0