Threat and Vulnerability Intelligence Database

CVE-2025-3810

Description: The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password and email through the edit_profile_data() function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses and passwords, including administrators, and leverage that to gain access to their account.

CVSS: CRITICAL (9.8)

EPSS Score: 0.07%

Source: CVE
May 9th, 2025 (29 days ago)

CVE-2025-47657

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Productive Minds Productive Commerce allows SQL Injection. This issue affects Productive Commerce: from n/a through 1.1.22.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-47549

Description: Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10.

CVSS: CRITICAL (9.1)

EPSS Score: 0.06%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-27007

🚨 Marked as known exploited on May 7th, 2025 (about 1 month ago).

Description: A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. "This is due to the create_wp_connection() function missing a capability check and

CVSS: CRITICAL (9.8)

EPSS Score: 17.88%

Source: TheHackerNews
May 7th, 2025 (about 1 month ago)

CVE-2025-4104

Description: The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator’s email and password, and elevate their privileges to that of an administrator.

CVSS: CRITICAL (9.8)

EPSS Score: 0.12%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-3844

Description: The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to the handel_ajax_req() function not having proper restrictions on the change_user_meta functionality, which makes it possible to set an OTP code and subsequently log in with that OTP code. This makes it possible for unauthenticated attackers to log in as other users on the site, including administrators.

CVSS: CRITICAL (9.8)

EPSS Score: 0.31%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-0855

Description: The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.8.0 via deserialization of untrusted input in the 'import_header' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CVSS: CRITICAL (9.8)

EPSS Score: 0.15%

Source: CVE
May 6th, 2025 (about 1 month ago)

CVE-2025-1909

Description: The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

CVSS: CRITICAL (9.8)

EPSS Score: 0.33%

Source: CVE
May 5th, 2025 (about 1 month ago)

CVE-2025-3918

Description: The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to wp_insert_user() without restricting it to a safe set of roles. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

CVSS: CRITICAL (9.8)

EPSS Score: 0.09%

Source: CVE
May 3rd, 2025 (about 1 month ago)

CVE-2025-3746

Description: The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.

CVSS: CRITICAL (9.8)

EPSS Score: 0.18%

Source: CVE
May 2nd, 2025 (about 1 month ago)