Threat and Vulnerability Intelligence Database

CVE-2025-47445

Description: Relative Path Traversal vulnerability in Themewinter Eventin allows Path Traversal. This issue affects Eventin: from n/a through 4.0.26.

CVSS: HIGH (7.5)

EPSS Score: 0.06%

Source: CVE
May 14th, 2025 (25 days ago)

CVE-2025-4474

Description: The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin’s 'register' role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
May 13th, 2025 (26 days ago)

CVE-2025-4473

Description: The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE
May 13th, 2025 (26 days ago)
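CVE-2025-4474 and CVE-2025-4473 share one root cause: a wp_ajax_* handler that any logged-in account can reach, with no capability check before it writes settings. The snippet below is an added illustration and is not Frontend Dashboard code; the plugin prefix "acme", the option name and the nonce action are hypothetical. It assumes the WordPress runtime (add_action, current_user_can, check_ajax_referer, wp_send_json_*, update_option).

```php
<?php
// Added example, not code from the Frontend Dashboard plugin. Names prefixed
// "acme_" are hypothetical. Assumes WordPress core functions are loaded.

// VULNERABLE: wp_ajax_* hooks fire for any authenticated user, Subscriber
// included. With no authorization check, any account can set the role that
// new registrations receive, e.g. register_role=administrator.
function acme_save_settings_vulnerable() {
    $role = sanitize_key( $_POST['register_role'] ?? 'subscriber' );
    update_option( 'acme_register_role', $role );     // 'administrator' accepted
    wp_send_json_success( array( 'role' => $role ) );
}
add_action( 'wp_ajax_acme_save_settings', 'acme_save_settings_vulnerable' );

// FIXED: nonce check (CSRF) + capability check (authorization) + allowlist of
// values, so even an administrator cannot accidentally hand out that role.
function acme_save_settings_fixed() {
    check_ajax_referer( 'acme_settings', '_ajax_nonce' );   // dies on failure

    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }

    $allowed = array( 'subscriber', 'contributor' );        // never 'administrator'
    $role    = sanitize_key( $_POST['register_role'] ?? 'subscriber' );
    if ( ! in_array( $role, $allowed, true ) ) {
        wp_send_json_error( array( 'message' => 'invalid role' ), 400 );
    }

    update_option( 'acme_register_role', $role );
    wp_send_json_success( array( 'role' => $role ) );
}
// Register only one handler per action in a real plugin:
// add_action( 'wp_ajax_acme_save_settings', 'acme_save_settings_fixed' );
```

The same shape applies to the SMTP case in CVE-2025-4473: an ajax_request() that updates mail-server settings needs the capability check first, because whoever controls the outgoing SMTP host receives every password-reset email the site sends. Note that sanitize_key() only restricts the character set; it is not an authorization control.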

CVE-2025-4317

Description: The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: HIGH (8.8)

EPSS Score: 0.23%

Source: CVE
May 13th, 2025 (26 days ago)
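The TheGem entry is a missing file-type check on an upload path. The following is an added example, not TheGem code; the handler and directory names are hypothetical. It assumes WordPress core (current_user_can, wp_check_filetype_and_ext, wp_handle_upload, wp_upload_dir) and shows why a server-side type check must look at the content, not just the client-supplied name.

```php
<?php
// Added example, not code from the TheGem theme. "acme_" names are hypothetical.

// VULNERABLE: trusts the client-supplied filename and writes it into a
// web-served directory. A Subscriber can upload logo.php and then request it.
function acme_upload_logo_vulnerable() {
    $dir  = wp_upload_dir();
    $name = basename( $_FILES['logo']['name'] );
    move_uploaded_file( $_FILES['logo']['tmp_name'], $dir['basedir'] . '/logos/' . $name );
    return $dir['baseurl'] . '/logos/' . $name;
}

// FIXED: require a capability Subscribers lack, validate the real type against
// an allowlist, and let core handle naming and placement.
function acme_upload_logo_fixed() {
    if ( ! current_user_can( 'upload_files' ) ) {          // Authors and above by default
        return new WP_Error( 'forbidden', 'not allowed' );
    }

    $allowed = array(
        'png'      => 'image/png',
        'jpg|jpeg' => 'image/jpeg',
        'gif'      => 'image/gif',
    );

    // Checks extension AND magic bytes; for images it uses getimagesize()/finfo,
    // so "shell.php" renamed to "shell.png" fails here.
    $check = wp_check_filetype_and_ext(
        $_FILES['logo']['tmp_name'],
        $_FILES['logo']['name'],
        $allowed
    );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        return new WP_Error( 'bad_type', 'only PNG, JPEG or GIF accepted' );
    }

    // 'mimes' restricts what wp_handle_upload() accepts; it also generates a
    // unique filename and refuses to overwrite existing files.
    $result = wp_handle_upload(
        $_FILES['logo'],
        array( 'test_form' => false, 'mimes' => $allowed )
    );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'] );
    }
    return $result['url'];
}
```

Keep the uploads directory free of PHP execution as a second layer (for Apache a `php_flag engine off` or equivalent rule in wp-content/uploads), so a validation bypass in one theme or plugin does not become code execution on its own.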

CVE-2025-4396

Description: The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 (Free) and 2.27.4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries that can be used to extract sensitive information from the database.

CVSS: HIGH (7.5)

EPSS Score: 15.02%

Source: CVE
May 13th, 2025 (26 days ago)
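The Relevanssi entry is the classic "comma-separated ID list interpolated into an IN (...) clause" bug. Below is an added example, not Relevanssi code, with a hypothetical filter function; it assumes the WordPress $wpdb object (prepare, get_col) and the core term_relationships table, and shows the unauthenticated time-based injection beside the prepared-statement fix.

```php
<?php
// Added example, not code from Relevanssi. "acme_" names are hypothetical.

// VULNERABLE: ?cats=1,2 is spliced into the SQL verbatim, so
//   ?cats=1)%20OR%20SLEEP(5)%23
// becomes ... IN (1) OR SLEEP(5)# and the response delay leaks one bit per
// request to an unauthenticated caller.
function acme_filter_posts_vulnerable( $cats ) {
    global $wpdb;
    $sql = "SELECT object_id FROM {$wpdb->term_relationships}
            WHERE term_taxonomy_id IN ($cats)";
    return $wpdb->get_col( $sql );
}

// Parse a comma-separated list into positive integers only. Anything that is
// not a number becomes 0 and is dropped, so the list can never carry SQL.
function acme_int_list( $raw ) {
    $ids = array_map( 'absint', explode( ',', (string) $raw ) );
    return array_values( array_unique( array_filter( $ids ) ) );
}

// FIXED: one %d placeholder per value, bound through $wpdb->prepare(). Works
// the same for the tags parameter; both go through acme_int_list().
function acme_filter_posts_fixed( $cats ) {
    global $wpdb;
    $ids = acme_int_list( $cats );
    if ( empty( $ids ) ) {
        return array();
    }
    $placeholders = implode( ',', array_fill( 0, count( $ids ), '%d' ) );
    $sql = $wpdb->prepare(
        "SELECT object_id FROM {$wpdb->term_relationships}
         WHERE term_taxonomy_id IN ($placeholders)",
        $ids
    );
    return $wpdb->get_col( $sql );
}
```

The table name is the only thing interpolated in the fixed version, and it comes from $wpdb, not the request. If a parameter must be a string (a slug rather than an ID), bind it with %s instead; esc_sql() alone is not a substitute for prepare() because it does not quote the value.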

CVE-2025-3876

Description: The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction() function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to impersonate any account by supplying its username or email and elevate their privileges to that of an administrator.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
May 10th, 2025 (29 days ago)

CVE-2025-2158

Description: The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5 via the Post custom fields. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP file types can be uploaded and included, or pearcmd is enabled on a server with register_argc_argv also enabled.

CVSS: HIGH (8.8)

EPSS Score: 0.12%

Source: CVE
May 10th, 2025 (29 days ago)

CVE-2025-4206

Description: The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'process_export_delete' and 'process_import_delete' functions in all versions up to, and including, 4.1.1.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

CVSS: HIGH (7.2)

EPSS Score: 0.66%

Source: CVE
May 9th, 2025 (30 days ago)

CVE-2025-3455

Description: The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'start_restore' function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: HIGH (8.8)

EPSS Score: 0.26%

Source: CVE
May 9th, 2025 (30 days ago)

CVE-2025-3419

Description: The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxy_image() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.

CVSS: HIGH (7.5)

EPSS Score: 0.08%

Source: CVE
May 8th, 2025 (about 1 month ago)