WP Security
WWordPress Vulnerability Database

Security Advisory Simple Gallery Plugin SQL Injection(CVE202558881)

  • September 5, 2025
WordPress New Simple Gallery Plugin <= 8.0 - SQL Injection Vulnerability
Read More
WWordPress Vulnerability Database

Community Alert eDS Responsive Menu Plugin Vulnerability(CVE202558839)

  • September 5, 2025
WordPress eDS Responsive Menu Plugin <= 1.2 - PHP Object Injection Vulnerability
Read More
WWordPress Vulnerability Database

Media Author Plugin Broken Access Control Advisory(CVE202558841)

  • September 5, 2025
WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability
Read More
WWordPress Vulnerability Database

Atec Debug Plugin Administrator File Deletion Risk(CVE20259518)

  • September 3, 2025
WordPress atec Debug plugin <= 1.2.22 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Advisory Make Connector Vulnerability(CVE20256085)

  • September 3, 2025
WordPress Make Connector plugin <= 1.5.10 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert Skyword Stored XSS(CVE202411907)

  • August 30, 2025
WordPress Skyword API Plugin plugin <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

Community Alert TablePress Stored XSS Vulnerability(CVE20259500)

  • August 30, 2025
WordPress TablePress plugin <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Advisory Ocean Extra XSS(CVE20259499)

  • August 30, 2025
WordPress Ocean Extra plugin <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode vulnerability
Read More
WWordPress Vulnerability Database

Security Advisory Booster for WooCommerce File Upload(CVE202413342)

  • August 30, 2025
WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Advisory Slider Revolution Vulnerability(CVE20259217)

  • August 29, 2025
WordPress Slider Revolution plugin <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images' vulnerability
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0