Wordfence Intelligence Weekly WordPress Vulnerability Report (January 13, 2025 to January 19, 2025)


📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest.


Last week, there were 408 vulnerabilities disclosed in 376 WordPress Plugins and 18 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 69 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 22,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:

  • Adifier System <= 3.1.7 – Unauthenticated Arbitrary Password Reset
  • WAF-RULE-794 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-795 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-796 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-798 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-799 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-800 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-801 – Data redacted while we work with the vendor on a patch.
  • WAF-RULE-802 – Data redacted while we work with the vendor on a patch.

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Patched 92
Unpatched 316

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating Number of Vulnerabilities
Low Severity 2
Medium Severity 368
High Severity 29
Critical Severity 9

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 200
Cross-Site Request Forgery (CSRF) 116
Missing Authorization 38
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) 19
Unrestricted Upload of File with Dangerous Type 9
Exposure of Sensitive Information to an Unauthorized Actor 6
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) 4
Incorrect Privilege Assignment 4
Exposure of Private Personal Information to an Unauthorized Actor 2
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) 2
Authorization Bypass Through User-Controlled Key 1
Dependency on Vulnerable Third-Party Component 1
Deserialization of Untrusted Data 1
Improper Access Control 1
Improper Authentication 1
Improper Control of Generation of Code (‘Code Injection’) 1
Improper Privilege Management 1
Unverified Password Change 1

Researchers That Contributed to WordPress Security Last Week

Researcher Name Number of Vulnerabilities
183
30
28
20
13
11
7
7
6
4
4
4
4
4
4
3
3
3
3
3
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
1

UKO
1
1
1

luc
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
“Visit Site” Link enhanced – WordPress PlugIn visit-site-link-enhanced
301 SEO REDIRECTION | COUNTRY BASED REDIRECTION [ REDIRECTION PLUS ] redirection-plus
Ad Blocking Detector ad-blocking-detector
add custom google tag manager add-custom-google-tag-manager
Add RSS add-rss
Adifier System adifier-system
Admin and Customer Messages After Order for WooCommerce: OrderConvo admin-and-client-message-after-order-for-woocommerce
Admin Cleanup admin-cleanup
Admin Menu Organizer admin-menu-organizer
Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin file-manager-advanced
AI Responsive Gallery Album ai-responsive-gallery-album
Ajax Contact Form fws-ajax-contact-form
Ajax WP Query Search Filter ajax-wp-query-search-filter
AlT Report alt-report
Altima Lookbook Free for WooCommerce altima-lookbook-free-for-woocommerce
Amber amberlink
amr personalise amr-personalise
Annie annie
Anonymize Links anonymize-links
Apply with LinkedIn buttons apply-with-linkedin-buttons
ApplyOnline – Application Form Builder and Manager apply-online
Auphonic Importer auphonic-importer
Auto FTP auto-ftp
Awesome Responsive Photo Gallery – Image & Video Lightbox Gallery awesome-responsive-photo-gallery
Background animation blocks background-animation-blocks
Background Control background-control
Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) barcode-scanner-lite-pos-to-manage-products-inventory-and-orders
Better Protected Pages better-protected-pages
Bible Embed bible-embed
Bit.ly linker bitly-linker
BizLibrary bizlibrary
Blog Summary blog-summary
Blogger Image Import blogger-image-import
Board Election board-election
Bold pagos en linea bold-pagos-en-linea
bonjour-bar bonjour-bar
Book a Place book-a-place
Bookalet bookalet
Brizy Pro brizy-pro
Build Private Store For Woocommerce build-private-store-for-woocommerce
Button Block – Get fully customizable & multi-functional buttons button-block
Cache Sniper for Nginx snipe-nginx-cache
Captchelfie – Captcha by Selfie captchelfie-captcha-by-selfie
Car Demon car-demon
Category Custom Fields categorycustomfields
Category D3 Tree category-d3-tree
CC Circle Progress Bar cc-circle-progress-bar
Chamber Dashboard Business Directory chamber-dashboard-business-directory
Charity-thermometer charitydonation-thermometer
Chatter chatter
Checkout for PayPal checkout-for-paypal
Chess Tempo Viewer chesstempoviewer
CJ Custom Content cj-custom-content
CNZZ&51LA for WordPress cnzz51la-for-wordpress
CodeBard Help Desk codebard-help-desk
CoDesigner – All in One Elementor WooCommerce Builder woolementor
Comment-Emailer comment-emailer
Compare Ninja: Create Professional Comparison Tables and Easily Add Them to Your Website compare-ninja-comparison-tables
Contact Form 7 Anti Spambot contact-form-7-anti-spambot
Contact Form 7 Redirect & Thank You Page cf7-redirect-thank-you-page
Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution
Contact Form 7 – CCAvenue Add-on cf7-cc-avenue-add-on
Content Security Policy Pro content-security-policy-pro
Cookie Consent & Autoblock for GDPR/CCPA cookie-consent-autoblock
Copy Move Posts copy-move-posts
Copyright Safeguard Footer Notice copyright-safeguard-footer-notice
Course Booking System course-booking-system
Custom CSS Addons css-addons
Custom List Table Example custom-list-table-example
Custom Post custom-post-type-gui
Custom Post Type Lockdown WordPress custom-post-type-lockdown
Custom Widget Classes custom-widget-classes
Customizable Captcha and Contact us customizable-captcha-and-contact-us-form
Daily Proverb daily-proverb
DD Roles dd-roles
Debt Calculator debt-calculator
Debug Tool debug-tool
DF Draggable df-draggable
dForms dforms
Easy Code Snippets easy-code-snippets
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy easy-digital-downloads
Easy EU Cookie law easy-eu-cookie-law
Easy FAQs easy-faqs
Easy Portfolio easy-portfolio
Easy Shortcode Buttons easy-shortcode-buttons
Easy Tweet Embed easy-tweet-embed
Easy Tynt easy-tynt
ECT Add to Cart Button ect-add-to-cart-button
EditionGuard for WooCommerce – eBook Sales with DRM editionguard-for-woocommerce-ebook-sales-with-drm
ElementInvader Addons for Elementor elementinvader-addons-for-elementor
Elementor Addon Elements addon-elements-for-elementor-page-builder
Elementor Addons AI Addons – 70 Widgets, Premium Templates, Ultimate Elements ai-addons-for-elementor
Email Capture & Lead Generation email-capture-lead-generation
Email on Publish email-on-publish
EmailShroud emailshroud
Enhanced YouTube Shortcode enhanced-youtube-shortcode
Error Notification error-notification
Event Countdown Timer Plugin by TechMix event-countdown-timer
Event Monster – Event Management, Tickets Booking, Upcoming Event event-monster
Event Registration Calendar By vcita event-registration-calendar-by-vcita
Eventer – WordPress Event & Booking Manager Plugin eventer
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media evergreen-content-poster
Explara Membership explara-membership
Extra Options – Favicons extra-options-favicons
EZPlayer ezplayer
FAT Event Lite fat-event-lite
Feedburner Optin Form feedburner-optin-form
Find Your Reps find-your-reps
Flexible PDF Coupons – Gift Cards & Vouchers for WooCommerce flexible-coupons
Floatbox Plus floatbox-plus
Flying Twitter Birds flying-twitter-birds
FontAwesome.io ShortCodes fontawesomeio-shortcodes
Foundation Columns foundation-columns
FP RSS Category Excluder fp-rss-category-excluder
Free MailClient FMC mailclient
Gallery and Lightbox gallery-and-lightbox
Gallery: Hybrid – Advanced Visual Gallery hybrid-gallery
GDPR Personal Data Reports gdpr-personal-data-reports
GDReseller gdreseller
Genki Announcement genki-announcement
Geotagged Media geotagged-media
Giveaways and Contests by PromoSimple giveaways-contests-by-promosimple
Glofox Shortcodes glofox-shortcodes
GMap Shortcode gmap-shortcode
GMAPS for WPBakery Page Builder Free gmaps-for-visual-composer-free
go Social go-social
Goldstar goldstar
Google Org Chart google-org-chart
GravatarLocalCache gravatarlocalcache
Gravity Forms gravityforms
Greek Namedays Widget From Eortologio.Net greek-namedays-widget
GSheetConnector for Forminator Forms gsheetconnector-forminator
Guten Free Options guten-free-options
Hack me if you can hack-me-if-you-can
HireHive Job Plugin zartis-job-plugin
Homey Login Register homey-login-register
Horizontal Line Shortcode horizontal-line-shortcode
Hotspots Analytics hotspots
Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file htaccess-file-editor
HTML5 Video Player – mp4 Video Player Plugin and Block html5-video-player
HTTP to HTTPS link changer by Eyga.net https-links-in-content
Image Gallery Box by CRUDLab image-gallery-box-by-crudlab
Image Source Control Lite – Show Image Credits and Captions image-source-control-isc
Image Switcher image-switcher
imaGenius imagenius
Import Users to MailChimp import-users-to-mailchimp
Incredible Font Awesome incredible-font-awesome
Instant Appointment instant-appointment
iSpring Embedder embed-ispring
JB Horizontal Scroller News Ticker jb-horizontal-scroller-news-ticker
Jet Skinner for BuddyPress jet-skinner-for-buddypress
JetEngine jet-engine
JSM Screenshot Machine Shortcode screenshot-machine-shortcode
Kapost kapost-byline
Kopa Nictitate Toolkit kopa-nictitate-toolkit
Kubio AI Page Builder kubio
Legull legull
Len Slider len-slider
LH Email lh-email
LH Login Page lh-login-page
Lijit Search wp-lijit-wijit
Links/Problem Reporter report-broken-links
LocalGrid localgrid
Loginplus loginplus
LSD Google Maps Embedder lsd-google-maps-embedder
LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition
MACME macme
Magic Google Maps magic-google-maps
MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder mailchimp-subscribe-sm
Mark Posts mark-posts
MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution marketking-multivendor-marketplace-for-woocommerce
Marmoset Viewer marmoset-viewer
Marquee Style RSS News Ticker marquee-style-rss-news-ticker
Mass Custom Fields Manager mass-custom-fields-manager
Mass Messaging in BuddyPress mass-messaging-in-buddypress
MD Custom content after or before of post md-custom-content
MDC YouTube Downloader mdc-youtube-downloader
MeinTurnierplan.de Widget Viewer meinturnierplande-widget-viewer
MemeOne memeone
Menus Plus+ menus-plus
MercadoLibre Integration mercadolibre-integration
Metaphor Widgets mtphr-widgets
MFPlugin mfplugin
MHR-Custom-Anti-Copy mhr-custom-anti-copy
MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet paid-membership
Mindmeister Shortcode mindmeister-shortcode
More Link Modifier more-link-modifier
Motors – Car Dealer, Classifieds & Listing motors-car-dealership-classified-listings
Moving Users moving-users
Multi Step Form multi-step-form
Multi Uploader for Gravity Forms gf-multi-uploader
Multilang Contact Form multilang-contact-form
My auctions allegro my-auctions-allegro-free-edition
My Tickets – Accessible Event Ticketing my-tickets
my-related-posts my-related-posts
MyAnime Widget myanime-widget
mybb Last Topics mybb-last-topics
MyBookProgress by Stormhill Media mybookprogress
Nativery Plugin nativery
Navigation Du Lapin Blanc navigation-du-lapin-blanc
Neon Product Designer neon-product-designer-for-woocommerce
Nite Shortcodes nite-shortcodes
NitroPack – Caching & Speed Optimization for Core Web Vitals, Defer CSS & JS, Lazy load Images and CDN nitropack
NV Slider nv-slider
Online Payments – Get Paid with PayPal, Square & Stripe paypal-payment-button-by-vcita
OrangeBox orangebox
Page Builder by SiteOrigin siteorigin-panels
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction paid-member-subscriptions
Partners partners
Password Protect Plugin for WordPress password-protect-plugin-for-wordpress
Passwords Manager passwords-manager
Pastebin pastebin-embed
Payment Button for PayPal wp-paypal
PayPal Marketing Solutions paypal-promotions-and-insights
PDF for WPForms + Drag and Drop Template Builder pdf-for-wpforms
PDF.js Shortcode pdfjs-shortcode
Picture Gallery – Frontend Image Uploads, AJAX Photo List picture-gallery
Piotnet Addons For Elementor piotnet-addons-for-elementor
Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress
pootle button pootle-button
Post & Page Notes post-page-notes
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor post-and-page-builder
Post Carousel & Slider post-types-carousel-slider
Post Grid and Gutenberg Blocks – ComboBlocks post-grid
Post-to-Post Links easy-post-to-post-links
Posts Footer Manager intelly-posts-footer-manager
Powie’s pLinks PagePeeker plinks
Preloader Quotes preloader-quotes
Product Carousel For WooCommerce – WoorouSell woorousell
Progress Tracker progress-tracker
Proofreading proofreading
QR Code Generator qrcode-wprhe
Quick Count quick-count
quote-posttype-plugin quote-post-type-plugin
QuoteMedia Tools quotemedia-tools
Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings rate-star-review
Real Seguro Viagem seguro-viagem
Realty Workstation realty-workstation
Related Post Shortcode related-post-shortcode
Rename Author Slug rename-author-slug
ResAds resads
Responsive jQuery Slider responsive-jquery-slider
Rio Photo Gallery rio-photo-gallery
Rollover Tab rollover-tab
root Cookie root-cookie
Royal Elementor Addons and Templates royal-elementor-addons
RSS Icon Widget rss-icon-widget
RSS News Scroller rss-news-scroller
RSV GMaps rsv-google-maps
S-DEV SEO s-dev-seo
Salvador – AI Image Generator salvador-ai-image-generator
Sandbox sandbox
Scroll Top Advanced – Scroll to ID or Class scroll-top-advanced
Secure CAPTCHA secure-captcha
Send to Twitter send-to-twitter
SendGrid for WordPress wp-sendgrid-mailer
SEOReseller Partner Plugin sr-partner
SetMore Theme – Custom Post Types service-provider-profile-cpt
Shabbos and Yom Tov shabbos-and-yom-tov
ShipWorks Connector for Woocommerce shipworks-e-commerce-bridge
Shockingly Big IE6 Warning shockingly-big-ie6-warning
Shortcode in Comment shortcode-in-comment
Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com shoutcast-and-icecast-html5-web-radio-player-by-yesstreaming-com
Sidebar-Content from Shortcode sidebar-content-from-shortcode
Simple Custom post type custom field simple-content-construction-kit
Simple Project Manager simple-project-managment
Simple Vertical Timeline simple-vertical-timeline
Simple:Press Forum simplepress
Slider for Writers slider-for-writers
Slides & Presentations slide
Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition
Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition
Smallerik File Browser smallerik-file-browser
Social Analytics social-analytics
Social Media Engine social-media-engine
Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget
SOCIAL.NINJA seo-meta
Solidres – Hotel booking plugin for WordPress solidres
Spiderpowa Embed PDF spiderpowa-embed-pdf
Stars SMTP Mailer stars-smtp-mailer
Stop Comment Spam stop-comment-spam
Stripe and PayPal Payment Forms for WordPress – PayForm payform
Strx Magic Floating Sidebar Maker strx-magic-floating-sidebar-maker
Style Admin style-admin
Sur.ly surly
Taskbuilder – WordPress Project & Task Management plugin taskbuilder
Team 118GROUP Agent team-118group-agent
The Ultimate WordPress Toolkit – WP Extended wpextended
Theme My Ontraport Smartform theme-my-ontraport-smartform
Top Flash Embed top-flash-embed
Translation.Pro translation-pro
turboSMTP turbosmtp
Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode
Twitter Post twitterpost
Twitter Shortcode twitter-shortcode
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin ultimate-member
Unique UX unique-ux
Universal Analytics Injector universal-analytics-injector
UpDownUpDown updownupdown-postcomment-voting
UpdraftPlus: WP Backup & Migration Plugin updraftplus
user files user-files
User Management user-management
User Sync ActiveCampaign registered-user-sync-activecampaign
Utilities for MTG utilities-for-mtg
Verge3D Publishing and E-Commerce verge3d
Video Share VOD – Turnkey Video Site Builder Script video-share-vod
ViewMedica 9 viewmedica
VikAppointments Services Booking Calendar vikappointments
VOD Infomaniak vod-infomaniak
W3 Total Cache w3-total-cache
W3SPEEDSTER w3speedster-wp
WCS QR Code Generator wcs-qr-code-generator
Weaver Themes Shortcode Compatibility weaver-themes-shortcode-compatibility
Web Push web-push
Web Testimonials web-testimonials
Webcamconsult webcamconsult
WH Cache & Security wh-cache-and-security
Widget Options – The WordPress Widget & Block Control Plugin widget-options
Winning Portfolio winning-portfolio
WM Options Import Export wm-options-import-export
Woo Tuner woo-tuner
WooCommerce Advanced Bulk Edit Products, Orders, Coupons, Any WordPress Post Type – Smart Manager smart-manager-for-wp-e-commerce
WooCommerce Order Search woocommerce-order-searching
Word Freshener word-freshener
WordPress Call me Now call-me-now
WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg groundhogg
WordPress Custom Sidebar wordpress-custom-sidebar
WordPress Data Guard [Website Security] wordpress-data-guards
WordPress File Search wpfilesearch
WordPress Gallery Plugin wordpress-gallery-plugin
WordPress Google Map Professional (Map In Your Language) google-map-professional
WordPress Graphs & Charts – Easy Interactive HTML5 Charts Plugin graph-lite
WordPress HelpDesk & Support Ticket System Plugin – Octrace Support octrace-support
WordPress Logging Service wordpress-logging-service
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly tour-booking-manager
WP Abstracts wp-abstracts-manuscripts-manager
WP Background Tile wp-background-tile
WP Booking Calendar booking
WP Bulletin Board wp-bulletin-board
WP Cookies Alert wp-cookies-alert
WP Custom Google Search wp-custom-google-search
WP Headmaster wp-headmaster
WP Hotel Booking wp-hotel-booking
WP Inventory Manager wp-inventory-manager
WP krpano wp-krpano
WP Load Gallery wp-load-gallery
WP Lyrics wplyrics
WP Meetup wp-meetup
WP News Sliders wp-news-sliders
WP Options Editor wp-options-editor
WP Order By wp-order-by
WP Photo Sphere wp-photo-sphere
WP Post Corrector wp-post-corrector
WP PT-Viewer wp-ptviewer
WP Responsive Tabs wp-responsive-tabs
WP Service Payment Form With Authorize.net wp-service-payment-form-with-authorizenet
WP Smart TV wp-smart-tv
WP ULike – All-in-One Engagement Toolkit wp-ulike
WP User Profile Avatar wp-user-profile-avatar
WP ViewSTL wp-viewstl
WP VTiger Synchronization msstiger
WP-Announcements wp-announcements
WP-BlackCheck wp-blackcheck
wp-pano wp-pano
WP-Player wp-player
WP-Revive Adserver wp-revive-adserver
Wp-Scribd-List wp-scribd-list
wp_amaps wp-amaps
WPDB to Sql wpdb-to-sql
WpF Ultimate Carousel wpf-ultimate-carousel
WPSyncSheets Lite For Elementor – Elementor Pro Form Google Spreadsheet Addon wpsyncsheets-elementor
WR Price List Manager For Woocommerce wr-price-list-for-woocommerce
XLSXviewer xlsx-viewer
Xola xola-bookings-for-tours-activities
Yet Another Countdown Plugin yacp
Zarinpal Paid Download zarinpal-paid-downloads

WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme buzzclub
CarZine carzine
DWT – Directory & Listing WordPress Theme dwt-listing
Envo Multipurpose envo-multipurpose
flashy flashy
Ghostwriter ghostwriter
Homey homey
Js O3 Lite js-o3-lite
moseter moseter
Multifox multifox
my white my-white
Offset Writing offset-writing
Polka Dots polka-dots
Tantyyellow tantyyellow
The Ultralight the-ultralight
TIJAJI tijaji
Tiki Time tiki-time
Tuaug4 tuaug4

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-13375
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
Adifier System
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2025-23948
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Background animation blocks
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-51888
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Homey Login Register
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2025-23921
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9636
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2025-23932
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Quick Count
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2025-23953
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
user files
Researcher
CVSS Rating
Critical (9.6)
CVE-ID
CVE-2025-23532
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MyAnime Widget
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23530
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23528
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
DD Roles
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-22786
Patch Status
Patched
Published
Jan 13, 2025
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23915
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-51800
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Homey
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23938
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Image Gallery Box by CRUDLab
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23922
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
iSpring Embedder
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23918
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Smallerik File Browser
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-22736
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
User Management
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23942
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Load Gallery
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-23797
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Options Editor
CVSS Rating
High (8.8)
CVE-ID
CVE-2025-22782
Patch Status
Unpatched
Published
Jan 13, 2025
CVSS Rating
High (8.5)
CVE-ID
CVE-2024-12365
Patch Status
Patched
Published
Jan 13, 2025
Affected Software
W3 Total Cache
Researcher
CVSS Rating
High (8.1)
CVE-ID
CVE-2025-22784
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Background Control
Researcher
CVSS Rating
High (8.1)
CVE-ID
CVE-2025-23562
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
XLSXviewer
CVSS Rating
High (7.5)
CVE-ID
CVE-2025-22785
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Course Booking System
Researcher
CVSS Rating
High (7.5)
CVE-ID
CVE-2025-24664
Patch Status
Patched
Published
Jan 18, 2025
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-12614
Patch Status
Patched
Published
Jan 15, 2025
Affected Software
Passwords Manager
Researcher
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-12613
Patch Status
Patched
Published
Jan 15, 2025
Affected Software
Passwords Manager
Researcher
CVSS Rating
High (7.5)
CVE-ID
CVE-2025-24665
Patch Status
Patched
Published
Jan 18, 2025
CVSS Rating
High (7.5)
CVE-ID
CVE-2025-24667
Patch Status
Patched
Published
Jan 18, 2025
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-13377
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Gravity Forms
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-13351
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-10799
Patch Status
Patched
Published
Jan 16, 2025
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2025-23910
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Menus Plus+
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2025-22799
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Neon Product Designer
Researcher
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-12615
Patch Status
Patched
Published
Jan 15, 2025
Affected Software
Passwords Manager
Researcher
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-13367
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Sandbox
Researcher
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2025-23911
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2025-22716
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2025-23912
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2025-23913
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22732
Patch Status
Unpatched
Published
Jan 15, 2025
Affected Software
Ad Blocking Detector
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22761
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Ajax Contact Form
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23926
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Ajax WP Query Search Filter
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23886
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Annie
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23897
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Apply with LinkedIn buttons
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23887
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Blog Summary
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23899
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Bookalet
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13323
Patch Status
Patched
Published
Jan 13, 2025
Affected Software
WP Booking Calendar
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23873
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Category D3 Tree
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23936
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
CC Circle Progress Bar
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-11452
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23860
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Charity-thermometer
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13398
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Checkout for PayPal
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23868
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Chess Tempo Viewer
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23909
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23859
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Daily Proverb
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23434
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Easy EU Cookie law
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23795
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Easy FAQs
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23796
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Easy Portfolio
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23825
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Easy Shortcode Buttons
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23890
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Easy Tweet Embed
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23946
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Enhanced YouTube Shortcode
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-11870
Patch Status
Unpatched
Published
Jan 14, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23950
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
EZPlayer
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22718
Patch Status
Unpatched
Published
Jan 15, 2025
Affected Software
FAT Event Lite
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23925
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Feedburner Optin Form
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22825
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23824
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
FontAwesome.io ShortCodes
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22747
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Foundation Columns
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22797
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Gallery and Lightbox
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23951
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23777
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
GDPR Personal Data Reports
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23934
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-12508
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Glofox Shortcodes
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23893
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
GMap Shortcode
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23775
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23928
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Google Org Chart
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23783
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22746
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
HireHive Job Plugin
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23791
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Horizontal Line Shortcode
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23940
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Image Switcher
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23939
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Image Switcher
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23772
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
imaGenius
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23927
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Incredible Font Awesome
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23830
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-0369
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
JetEngine
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13385
Patch Status
Patched
Published
Jan 17, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23965
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Kopa Nictitate Toolkit
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23833
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Links/Problem Reporter
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23935
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Magic Google Maps
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22727
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23767
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Marmoset Viewer
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23941
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23816
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Metaphor Widgets
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23896
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Mindmeister Shortcode
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22769
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Multifox
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-12598
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22781
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Nativery Plugin
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22745
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Navigation Du Lapin Blanc
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23877
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Nite Shortcodes
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-12240
Patch Status
Patched
Published
Jan 13, 2025
Affected Software
Page Builder by SiteOrigin
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23908
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Pastebin
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13401
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Payment Button for PayPal
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23943
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
PDF.js Shortcode
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23641
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Powie’s pLinks PagePeeker
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23892
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Progress Tracker
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23831
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
QR Code Generator
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13386
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
quote-posttype-plugin
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23644
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
QuoteMedia Tools
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22798
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Responsive jQuery Slider
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23863
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Rollover Tab
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22744
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
S-DEV SEO
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23444
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22748
Patch Status
Unpatched
Published
Jan 14, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23642
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Sidebar-Content from Shortcode
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23856
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Simple Vertical Timeline
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22749
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Social Media Engine
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23907
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
SOCIAL.NINJA
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23807
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Spiderpowa Embed PDF
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23841
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Top Flash Embed
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22743
Patch Status
Unpatched
Published
Jan 14, 2025
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13433
Patch Status
Unpatched
Published
Jan 17, 2025
Affected Software
Utilities for MTG
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13394
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
ViewMedica 9
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23864
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WCS QR Code Generator
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22267
Patch Status
Unpatched
Published
Jan 18, 2025
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23865
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Winning Portfolio
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23876
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP krpano
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23924
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Photo Sphere
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-13387
Patch Status
Patched
Published
Jan 15, 2025
Affected Software
WP Responsive Tabs
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-12818
Patch Status
Patched
Published
Jan 14, 2025
Affected Software
WP Smart TV
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22742
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
WP ViewSTL
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23794
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
wp_amaps
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-22780
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
wp-pano
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23947
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP-Player
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23802
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP-Revive Adserver
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23933
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WpF Ultimate Carousel
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2025-23891
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Yet Another Countdown Plugin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23537
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
add custom google tag manager
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23895
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Add RSS
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23832
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Admin Cleanup
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23686
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Admin Menu Organizer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23432
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
AlT Report
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23429
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22754
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Amber
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23880
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
amr personalise
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23884
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Annie
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23702
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Anonymize Links
Researcher(s): Unknown
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23898
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Apply with LinkedIn buttons
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23649
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Auphonic Importer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23793
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Auto FTP
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23875
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Better Protected Pages
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23513
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Bible Embed
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23674
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Bit.ly linker
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23580
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
BizLibrary
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23689
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Blogger Image Import
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23499
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Board Election
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22793
Patch Status
Patched
Published
Jan 13, 2025
Affected Software
Bold pagos en linea
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23690
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Book a Place
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22763
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Brizy Pro
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23745
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WordPress Call me Now
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23620
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13334
Patch Status
Unpatched
Published
Jan 14, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23981
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
CarZine
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23822
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Category Custom Fields
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23760
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Chatter
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23869
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
CJ Custom Content
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23823
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
CNZZ&51LA for WordPress
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22760
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
CodeBard Help Desk
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23627
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Comment-Emailer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23623
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-12423
Patch Status
Patched
Published
Jan 14, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23820
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Content Security Policy Pro
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23501
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23870
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23578
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Custom CSS Addons
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23808
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Custom List Table Example
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23566
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Custom Post
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23844
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Custom Widget Classes
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23503
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23861
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Debt Calculator
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23708
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
DF Draggable
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23592
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
dForms
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-0170
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23445
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Easy Tynt
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23471
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
ECT Add to Cart Button
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23673
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Email on Publish
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23456
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
EmailShroud
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23902
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Error Notification
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23699
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23583
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23508
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23557
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Find Your Reps
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23979
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
flashy
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23617
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Floatbox Plus
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23710
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Flying Twitter Birds
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23679
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
FP RSS Category Excluder
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23703
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Free MailClient FMC
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23567
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
GDReseller
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23900
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Genki Announcement
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23558
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Geotagged Media
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23988
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
Ghostwriter
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23426
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
go Social
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23901
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
GravatarLocalCache
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22752
Patch Status
Unpatched
Published
Jan 14, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13492
Patch Status
Unpatched
Published
Jan 17, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23713
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Hack me if you can
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23848
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Hotspots Analytics
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23677
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-12403
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22711
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23675
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Import Users to MailChimp
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23672
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23706
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22792
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Js O3 Lite
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23712
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Kapost
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13516
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
Kubio AI Page Builder
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13352
Patch Status
Unpatched
Published
Jan 17, 2025
Affected Software
Legull
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23810
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Len Slider
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23676
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
LH Email
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23547
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22778
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Lijit Search
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23678
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
LocalGrid
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23871
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
LSD Google Maps Embedder
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23683
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MACME
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23424
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Marquee Style RSS News Ticker
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23430
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Mass Custom Fields Manager
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23798
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Mass Messaging in BuddyPress
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23463
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23639
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MDC YouTube Downloader
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23559
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MemeOne
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23659
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MercadoLibre Integration
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23660
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MFPlugin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23817
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
MHR-Custom-Anti-Copy
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23818
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
More Link Modifier
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22790
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
moseter
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22795
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Multilang Contact Form
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22733
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22678
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
my white
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23476
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
my-related-posts
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23749
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
mybb Last Topics
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23661
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
NV Slider
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22791
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Offset Writing
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23800
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
OrangeBox
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22751
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Partners
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23435
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23872
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22789
Patch Status
Unpatched
Published
Jan 13, 2025
Affected Software
Polka Dots
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23758
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23715
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Post & Page Notes
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22750
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
Post Carousel & Slider
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23682
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-12466
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Proofreading
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23664
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Real Seguro Viagem
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23681
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23640
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Rename Author Slug
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23597
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23815
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
root Cookie
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-0393
Patch Status
Patched
Published
Jan 13, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23467
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
RSS News Scroller
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23665
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
RSV GMaps
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13366
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Sandbox
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23693
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Secure CAPTCHA
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23691
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Send to Twitter
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23805
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
SEOReseller Partner Plugin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23694
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Shabbos and Yom Tov
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23442
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Shockingly Big IE6 Warning
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23569
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Shortcode in Comment
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23500
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23497
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Simple Project Manager
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
Unknown
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
Simple:Press Forum
Researcher(s): Unknown
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23692
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Slider for Writers
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23743
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Social Analytics
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23453
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Stars SMTP Mailer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23826
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Stop Comment Spam
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23827
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23801
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Style Admin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23995
Patch Status
Unpatched
Published
Jan 17, 2025
Affected Software
Tantyyellow
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23717
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Theme My Ontraport Smartform
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23983
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
TIJAJI
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23986
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
Tiki Time
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23498
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Translation.Pro
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22687
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
Tuaug4
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22753
Patch Status
Patched
Published
Jan 14, 2025
Affected Software
turboSMTP
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23654
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Twitter Post
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23618
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Twitter Shortcode
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23998
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
The Ultralight
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23625
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Unique UX
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23483
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Universal Analytics Injector
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23572
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
UpDownUpDown
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-0215
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22709
Patch Status
Patched
Published
Jan 15, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23470
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23765
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
W3SPEEDSTER
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23720
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Web Push
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23560
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Web Testimonials
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13432
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
Webcamconsult
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23611
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23495
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23577
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Word Freshener
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23828
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23867
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WordPress File Search
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23842
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WordPress Gallery Plugin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23510
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WordPress Logging Service
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-12385
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
WP Abstracts
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23573
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Background Tile
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22776
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
WP Bulletin Board
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23821
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Cookies Alert
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23698
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Custom Google Search
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22755
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
WP Headmaster
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-13434
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
WP Inventory Manager
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23533
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Lyrics
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22765
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
WP Order By
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22764
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
WP Post Corrector
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23438
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP PT-Viewer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23804
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23455
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP VTiger Synchronization
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23489
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP-Announcements
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23511
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP-BlackCheck
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-23436
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Wp-Scribd-List
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2025-22766
Patch Status
Unpatched
Published
Jan 14, 2025
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-13378
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Gravity Forms
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23862
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23764
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Copy Move Posts
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-11396
Patch Status
Patched
Published
Jan 13, 2025
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-22773
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23514
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Loginplus
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-12637
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
Moving Users
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-12427
Patch Status
Patched
Published
Jan 15, 2025
Affected Software
Multi Step Form
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-22717
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23477
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Realty Workstation
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23512
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Team 118GROUP Agent
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-12008
Patch Status
Patched
Published
Jan 13, 2025
Affected Software
W3 Total Cache
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-12006
Patch Status
Patched
Published
Jan 13, 2025
Affected Software
W3 Total Cache
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23781
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WM Options Import Export
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-12370
Patch Status
Patched
Published
Jan 16, 2025
Affected Software
WP Hotel Booking
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-23774
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WPDB to Sql
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2025-22737
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2025-23784
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2025-23780
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2025-23779
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
ResAds
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2025-22262
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
bonjour-bar
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2025-0554
Patch Status
Patched
Published
Jan 17, 2025
Affected Software
Podlove Podcast Publisher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2025-23878
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Post-to-Post Links
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2025-22734
Patch Status
Patched
Published
Jan 14, 2025
Affected Software
Posts Footer Manager
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2025-22276
Patch Status
Unpatched
Published
Jan 18, 2025
Affected Software
Related Post Shortcode
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-12203
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
RSS Icon Widget
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2025-22738
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23785
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-22731
Patch Status
Patched
Published
Jan 14, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-22787
Patch Status
Patched
Published
Jan 13, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23776
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Cache Sniper for Nginx
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23917
Patch Status
Patched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23684
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Debug Tool
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-13215
Patch Status
Patched
Published
Jan 14, 2025
Affected Software
Elementor Addon Elements
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23929
Patch Status
Unpatched
Published
Jan 16, 2025
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23962
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Goldstar
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23963
Patch Status
Patched
Published
Jan 16, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23930
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10775
Patch Status
Patched
Published
Jan 14, 2025
Affected Software
Piotnet Addons For Elementor
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23954
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23423
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
SendGrid for WordPress
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-13317
Patch Status
Patched
Published
Jan 17, 2025
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23919
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Slides & Presentations
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23957
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Sur.ly
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23778
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
User Sync ActiveCampaign
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-22719
Patch Status
Patched
Published
Jan 15, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-22729
Patch Status
Patched
Published
Jan 14, 2025
Affected Software
VOD Infomaniak
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23761
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Woo Tuner
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23961
Patch Status
Unpatched
Published
Jan 16, 2025
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23916
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
WP Meetup
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-22779
Patch Status
Unpatched
Published
Jan 14, 2025
Affected Software
WP News Sliders
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10789
Patch Status
Patched
Published
Jan 15, 2025
Affected Software
WP User Profile Avatar
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2025-23955
Patch Status
Unpatched
Published
Jan 16, 2025
Affected Software
Xola
CVSS Rating
Low (3.1)
CVE-ID
CVE-2025-22770
Patch Status
Unpatched
Published
Jan 14, 2025

As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (January 13, 2025 to January 19, 2025) appeared first on Wordfence.

Leave a Comment