WP Security

Browsing Tag

WordPress Security

249 posts
WWordPress Vulnerability Database

Community Advisory Stored XSS in Events Addon(CVE20258150)

  • August 28, 2025
WordPress Events Addon for Elementor plugin <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter and Countdown Widgets vulnerability
WWordPress Vulnerability Database

Community Advisory RingCentral Two Factor Bypass(CVE20257955)

  • August 28, 2025
WordPress RingCentral Communications plugin 1.5-1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function
WWordPress Vulnerability Database

Hong Kong Cybersecurity Advisory Stored XSS Risk(CVE20258603)

  • August 28, 2025
WordPress Unlimited Elements For Elementor plugin <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
WWordPress Vulnerability Database

Public Advisory CSRF Enables Command Injection(CVE20257812)

  • August 28, 2025
WordPress Video Share VOD – Turnkey Video Site Builder Script plugin <= 2.7.6 - Cross-Site Request Forgery to Command Injection vulnerability
WWordPress Vulnerability Database

Community Alert Simple Download Monitor SQL Injection(CVE20258977)

  • August 28, 2025
WordPress Simple Download Monitor plugin <= 3.9.33 – Authenticated (Contributor+) SQL Injection via order parameter in Log Export functionality vulnerability
WWordPress Vulnerability Database

Hong Kong Security Advisory WooCommerce Stored XSS(CVE20258073)

  • August 28, 2025
WordPress Dynamic AJAX Product Filters for WooCommerce plugin <= 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via name Parameter vulnerability
WWordPress Vulnerability Database

Xagio SEO Backup Files Expose Sensitive Data(CVE202413807)

  • August 28, 2025
WordPress Xagio SEO plugin <= 7.1.0.5 - Unauthenticated Sensitive Information Exposure via Unprotected Back-Up Files vulnerability
WWordPress Vulnerability Database

Hong Kong Advisory Ajax Search Lite Exposure(CVE20257956)

  • August 28, 2025
WordPress Ajax Search Lite plugin <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler vulnerability
WWordPress Vulnerability Database

Beaver Builder Reflected Cross Site Scripting Vulnerability(CVE20258897)

  • August 28, 2025
WordPress Beaver Builder Plugin (Lite Version) plugin <= 2.9.2.1 - Reflected Cross-Site Scripting vulnerability
WWordPress Vulnerability Database

Community Alert ArcHub Authorization Vulnerability(CVE20250951)

  • August 28, 2025
WordPress ArcHub theme <= 1.2.12 - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated vulnerability
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0