Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest.
Last week, there were 141 vulnerabilities disclosed in 132 WordPress Plugins and 3 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 45 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 22,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 47 |
| Unpatched | 94 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Medium Severity | 126 |
| High Severity | 12 |
| Critical Severity | 3 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 62 |
| Cross-Site Request Forgery (CSRF) | 42 |
| Missing Authorization | 13 |
| Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 6 |
| Improper Control of Generation of Code (‘Code Injection’) | 4 |
| Authorization Bypass Through User-Controlled Key | 3 |
| Authentication Bypass Using an Alternate Path or Channel | 2 |
| Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) | 2 |
| Deserialization of Untrusted Data | 1 |
| Exposure of Sensitive Information to an Unauthorized Actor | 1 |
| Improper Access Control | 1 |
| Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) | 1 |
| Incorrect Privilege Assignment | 1 |
| Server-Side Request Forgery (SSRF) | 1 |
| Unrestricted Upload of File with Dangerous Type | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 27 | |
| 15 | |
| 13 | |
| 7 | |
| 6 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Admin and Site Enhancements (ASE) | admin-site-enhancements |
| Admin and Site Enhancements (ASE) Pro | admin-site-enhancements-pro |
| AIO Performance Profiler, Monitor, Optimize, Compress & Debug | all-in-one-performance-accelerator |
| Alert Box Block – Display notice/alerts in the front end. | alert-box-block |
| All push notification for WP | all-push-notification |
| Appointment Buddy Widget By Accrete | appointment-buddy-online-appointment-booking-by-accrete |
| aThemes Addons for Elementor | athemes-addons-for-elementor-lite |
| Auto SEO | auto-seo |
| Awesome Event Booking | awesome-event-booking |
| B Slider- Gutenberg Slider Block for WP | b-slider |
| Blog, Posts and Category Filter for Elementor | blog-posts-and-category-for-elementor |
| BookPress – For Book Authors | book-press |
| BoomBox Theme Extensions | boombox-theme-extensions |
| Breaking News Ticker | breaking-news-ticker |
| Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time | builder-shortcode-extras |
| CalendApp | calendapp |
| Child Themes Helper | child-themes-helper |
| Contact Manager | contact-manager |
| CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 9.x | woo-multi-currency |
| Custom Block Builder – Lazy Blocks | lazy-blocks |
| Custom Comment Notifications | custom-comment-notifications |
| Custom Links On Admin Dashboard Toolbar | customize-wpadmin |
| CWD – Stealth Links | cwd-stealth-links |
| Directory Listings WordPress plugin – uListing | ulisting |
| Disable Elementor Editor Translation | disable-elementor-editor-translation |
| DSGVO All in one for WP | dsgvo-all-in-one-for-wp |
| Dynamic Conditions | dynamicconditions |
| Dynamic URL SEO | dynamic-url-seo |
| EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory | ean-for-woocommerce |
| Easy Chart Builder for WordPress | easy-chart-builder |
| Easy Related Posts | easy-related-posts |
| Easy WP Tiles | easy-wp-tiles |
| Embed RSS | embed-rss |
| Eventer – WordPress Event & Booking Manager Plugin | eventer |
| Events, Calendars & Tickets – Event Kikfyre | kikfyre-events-calendar-tickets |
| Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets | wpsyncsheets-woocommerce |
| External “Video for Everybody” | external-video-for-everybody |
| Facilita Form Tracker | facilita-form-tracker |
| FlexIDX Home Search | flexidx-home-search |
| Fyrebox Quizzes | fyrebox-shortcode |
| GlobalQuran | globalquran |
| Google Earth Embed | google-earth-tours |
| Graceful Email Obfuscation | graceful-email-obfuscation |
| HT Mega – Absolute Addons For Elementor | ht-mega-for-elementor |
| Image Rotator | appten-image-rotator |
| Include Mastodon Feed | include-mastodon-feed |
| Indeed API | indeed-api |
| Infusionsoft Analytics for WordPress | infusionsoft-web-tracker |
| InLocation | inlocation |
| Job Board Manager | job-board-manager |
| JS Help Desk – The Ultimate Help Desk & Support Plugin | js-support-ticket |
| Kona Gallery Block | kona-instagram-feed-for-gutenberg |
| Link to URL / Post | link-to-url-post |
| Links in Captions | links-in-captions |
| Listings for Appfolio | listings-for-appfolio |
| Login-box | login-box |
| Medical Addon for Elementor | medical-addon-for-elementor |
| Music Press Pro | music-press-pro |
| Nextend Social Login Pro | nextend-social-login-pro |
| NextGen Cooliris Gallery | nextgen-cooliris-gallery |
| Notification Bar – Top Bar – Easy Sticky Notification Bar | FM Notification Bar | fm-notification-bar |
| On Page SEO + Social Live Chat (Formerly OPS) | ops-robots-txt |
| OneStore Sites | onestore-sites |
| Optimate Ads – Advance Ad Inserter AdSense & Ad Manager | optimate-ads |
| Orbit Fox by ThemeIsle | themeisle-companion |
| Payment Forms for Paystack | payment-forms-for-paystack |
| Paytm Payment Donation | paytm-donation |
| Photo Contest | Competition | Video Contest | totalcontest-lite |
| Pop Up | popup-seo-optimized |
| Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | post-and-page-builder |
| Post Sync | post-sync |
| Print PDF Generator and Publisher | nopeamedia |
| Product Blocks for WooCommerce | product-blocks-for-woocommerce |
| Product Table For WooCommerce | product-table-for-woocommerce |
| pushBIZ – Push Notification | pushbiz |
| Qi Addons For Elementor | qi-addons-for-elementor |
| Quote Comments | quote-comments |
| R3W InstaFeed | r3w-instafeed |
| RapidLoad AI – Optimize Web Vitals Automatically | unusedcss |
| Read More Copy Link | read-more-copy-link |
| Ready to use Gutenberg and Elementor Templates – Munk Sites | munk-sites |
| ReverbNation Widgets | reverbnation-widgets |
| RSS in Page | rss-in-page |
| SendPulse Email Marketing Newsletter | sendpulse-email-marketing-newsletter |
| ShopSite | shopsite-plugin |
| Show notice or message on admin area | show-notice-or-message-on-admin-area |
| Simple add pages or posts | simple-add-pages-or-posts |
| Simple Auto Tag | simple-auto-tag |
| Simple catalogue | simple-catalogue |
| Simple Certain Time to Show Content | simple-certain-time-to-show-content |
| Simple Select All Text Box | simple-select-all-text-box |
| Simple User Profile | simple-user-profile |
| SKT Blocks – Gutenberg based Page Builder | skt-blocks |
| Slide Banners | slide-banners |
| Smart Countdown FX | smart-countdown-fx |
| Smart DoFollow | smart-dofollow |
| Songkick Concerts and Festivals | songkick-concerts-and-festivals |
| Spiritual Gifts Survey (and optional S.H.A.P.E survey) | spiritual-gifts-survey |
| Starter Templates by FancyWP | starter-templates |
| Status Updater | fb-status-updater |
| Style Tweaker | style-tweaker |
| Stylish Google Sheet Reader 4.0 – Seamlessly Embed Google Sheets as Responsive Data Tables | stylish-google-sheet-reader |
| Super Store Finder | superstorefinder-wp |
| Survey Maker | survey-maker |
| Theasys | theasys |
| Theme Options Z | theme-options-z |
| Uix Shortcodes | uix-shortcodes |
| URL-Preview-Box | good-url-preview-box |
| Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce | vayu-blocks |
| Video & Photo Gallery for Ultimate Member | gallery-for-ultimate-member |
| Vignette Ads | vignete-ads |
| VikBooking Hotel Booking Engine & PMS | vikbooking |
| WizShop | wizshop |
| WooCommerce Cart Count Shortcode | woo-cart-count-shortcode |
| WordPress Activity-o-meter | wordpress-activity-o-meter |
| WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto | tripetto |
| WP Admin Custom Page | wp-admin-custom-page |
| WP All Export Pro | wp-all-export-pro |
| WP All Import Pro | wp-all-import-pro |
| WP Custom Post RSS Feed | wp-custom-post-rss-feed |
| WP Directorybox Manager | wp-directorybox-manager |
| WP doodlez | wpdoodlez |
| WP Extra Fields | wp-extra-fields |
| WP Keyword Monitor | wp-keyword-monitor |
| WP Pricing Table | wp-pricing-table |
| WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts | wedevs-project-manager |
| WP SimpleWeather | wp-simpleweather |
| WP Social Stream | wp-social-stream |
| WP Spell Check | wp-spell-check |
| WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More | wpforms-lite |
| WPMovieLibrary | wpmovielibrary |
| ZMSEO | zmseo |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| DWT – Directory & Listing WordPress Theme | dwt-listing |
| OnePress | onepress |
| SocialV – Social Network and Community BuddyPress Theme | socialv |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVE-ID
CVE-2025-1061
CVE-2025-1061
Patch Status
Patched
Patched
Published
Feb 6, 2025
Feb 6, 2025
Affected Software
Nextend Social Login Pro
Nextend Social Login Pro
Researcher
CVE-ID
CVE-2025-25122
CVE-2025-25122
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WizShop
WizShop
Researcher
CVE-ID
CVE-2025-0316
CVE-2025-0316
Patch Status
Unpatched
Unpatched
Published
Feb 8, 2025
Feb 8, 2025
Affected Software
WP Directorybox Manager
WP Directorybox Manager
Researcher
BoomBox Theme Extensions <= 1.8.0 – Authenticated (Contributor+) Local File Inclusion via Shortcode
8.8
CVE-ID
CVE-2024-12859
CVE-2024-12859
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
BoomBox Theme Extensions
BoomBox Theme Extensions
Researcher
CVE-ID
CVE-2024-7419
CVE-2024-7419
Patch Status
Patched
Patched
Published
Feb 7, 2025
Feb 7, 2025
Affected Software
WP All Export Pro
WP All Export Pro
Researcher
CVE-ID
CVE-2024-13440
CVE-2024-13440
Patch Status
Patched
Patched
Published
Feb 8, 2025
Feb 8, 2025
Affected Software
Super Store Finder
Super Store Finder
Researcher
CVE-ID
CVE-2025-25093
CVE-2025-25093
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Child Themes Helper
Child Themes Helper
Researcher
CVE-ID
CVE-2025-1028
CVE-2025-1028
Patch Status
Patched
Patched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Contact Manager
Contact Manager
Researcher
Admin and Site Enhancements (ASE) Pro <= 7.6.2.1 – Authenticated (Subscriber+) Privilege Escalation
7.5
CVE-ID
CVE-2024-43333
CVE-2024-43333
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Researcher
CVE-ID
CVE-2025-22655
CVE-2025-22655
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
CWD – Stealth Links
CWD – Stealth Links
Researcher
CVE-ID
CVE-2025-25150
CVE-2025-25150
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Directory Listings WordPress plugin – uListing
Directory Listings WordPress plugin – uListing
Researcher
CVE-ID
CVE-2024-13487
CVE-2024-13487
Patch Status
Patched
Patched
Published
Feb 5, 2025
Feb 5, 2025
CVE-ID
CVE-2025-22677
CVE-2025-22677
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Uix Shortcodes
Uix Shortcodes
Researcher
CVE-ID
CVE-2025-25092
CVE-2025-25092
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
All push notification for WP
All push notification for WP
Researcher
WP All Import Pro <= 4.9.7 – Authenticated (Administrator+) PHP Object Injection via Import File
7.2
CVE-ID
CVE-2024-9664
CVE-2024-9664
Patch Status
Patched
Patched
Published
Feb 7, 2025
Feb 7, 2025
Affected Software
WP All Import Pro
WP All Import Pro
Researcher
CVE-ID
CVE-2024-7425
CVE-2024-7425
Patch Status
Patched
Patched
Published
Feb 7, 2025
Feb 7, 2025
Affected Software
WP All Export Pro
WP All Export Pro
Researcher
CVE-ID
CVE-2024-13356
CVE-2024-13356
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
DSGVO All in one for WP
DSGVO All in one for WP
Researcher
CVE-ID
CVE-2025-0859
CVE-2025-0859
Patch Status
Patched
Patched
Published
Feb 5, 2025
Feb 5, 2025
Affected Software
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor
Researcher
CVE-ID
CVE-2024-13529
CVE-2024-13529
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
SocialV – Social Network and Community BuddyPress Theme
SocialV – Social Network and Community BuddyPress Theme
Researcher
Starter Templates by FancyWP <= 2.0.0 – Cross-Site Request Forgery to Arbitrary Plugin Installation
6.5
CVE-ID
CVE-2025-25106
CVE-2025-25106
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Starter Templates by FancyWP
Starter Templates by FancyWP
Researcher
CVE-ID
CVE-2025-25151
CVE-2025-25151
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Directory Listings WordPress plugin – uListing
Directory Listings WordPress plugin – uListing
Researcher
CVE-ID
CVE-2025-22675
CVE-2025-22675
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Alert Box Block – Display notice/alerts in the front end.
Alert Box Block – Display notice/alerts in the front end.
Researcher
aThemes Addons for Elementor <= 1.0.8 – Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2025-22646
CVE-2025-22646
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
aThemes Addons for Elementor
aThemes Addons for Elementor
Researcher
CVE-ID
CVE-2025-22648
CVE-2025-22648
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Blog, Posts and Category Filter for Elementor
Blog, Posts and Category Filter for Elementor
Researcher
CVE-ID
CVE-2025-25094
CVE-2025-25094
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Breaking News Ticker
Breaking News Ticker
Researcher
CVE-ID
CVE-2025-0169
CVE-2025-0169
Patch Status
Patched
Patched
Published
Feb 8, 2025
Feb 8, 2025
Affected Software
DWT – Directory & Listing WordPress Theme
DWT – Directory & Listing WordPress Theme
Researcher
CVE-ID
CVE-2025-22642
CVE-2025-22642
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Dynamic Conditions
Dynamic Conditions
Researcher
Easy Chart Builder for WordPress <= 1.3 – Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2025-25077
CVE-2025-25077
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Easy Chart Builder for WordPress
Easy Chart Builder for WordPress
Researcher
CVE-ID
CVE-2024-11132
CVE-2024-11132
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Eventer – WordPress Event & Booking Manager Plugin
Eventer – WordPress Event & Booking Manager Plugin
Researcher
External Video For Everybody <= 2.1.1 – Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2025-25097
CVE-2025-25097
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
External “Video for Everybody”
External “Video for Everybody”
Researcher
CVE-ID
CVE-2025-25082
CVE-2025-25082
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
FlexIDX Home Search
FlexIDX Home Search
Researcher
CVE-ID
CVE-2025-25078
CVE-2025-25078
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Google Earth Embed
Google Earth Embed
Researcher
CVE-ID
CVE-2025-25076
CVE-2025-25076
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Graceful Email Obfuscation
Graceful Email Obfuscation
Researcher
CVE-ID
CVE-2024-12597
CVE-2024-12597
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2025-22660
CVE-2025-22660
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Include Mastodon Feed
Include Mastodon Feed
Researcher
CVE-ID
CVE-2025-25080
CVE-2025-25080
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Kona Gallery Block
Kona Gallery Block
Researcher
CVE-ID
CVE-2025-25098
CVE-2025-25098
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Links in Captions
Links in Captions
Researcher
CVE-ID
CVE-2025-22653
CVE-2025-22653
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Music Press Pro
Music Press Pro
Researcher
CVE-ID
CVE-2025-25091
CVE-2025-25091
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
NextGen Cooliris Gallery
NextGen Cooliris Gallery
Researcher
CVE-ID
CVE-2025-25136
CVE-2025-25136
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Optimate Ads – Advance Ad Inserter AdSense & Ad Manager
Optimate Ads – Advance Ad Inserter AdSense & Ad Manager
Researcher
CVE-ID
CVE-2025-22659
CVE-2025-22659
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Orbit Fox by ThemeIsle
Orbit Fox by ThemeIsle
Researcher
Product Blocks for WooCommerce <= 1.9.1 – Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2025-22674
CVE-2025-22674
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Product Blocks for WooCommerce
Product Blocks for WooCommerce
Researcher
Product Table For WooCommerce <= 1.2.3 – Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2025-22638
CVE-2025-22638
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Product Table For WooCommerce
Product Table For WooCommerce
Researcher
CVE-ID
CVE-2024-13699
CVE-2024-13699
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Qi Addons For Elementor
Qi Addons For Elementor
Researcher
CVE-ID
CVE-2025-25095
CVE-2025-25095
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
ReverbNation Widgets
ReverbNation Widgets
Researcher
CVE-ID
CVE-2025-25096
CVE-2025-25096
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
RSS in Page
RSS in Page
Researcher
CVE-ID
CVE-2025-22662
CVE-2025-22662
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
SendPulse Email Marketing Newsletter
SendPulse Email Marketing Newsletter
Researcher
CVE-ID
CVE-2025-25079
CVE-2025-25079
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Simple Select All Text Box
Simple Select All Text Box
Researcher
CVE-ID
CVE-2024-13733
CVE-2024-13733
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
SKT Blocks – Gutenberg based Page Builder
SKT Blocks – Gutenberg based Page Builder
Researcher
CVE-ID
CVE-2025-25117
CVE-2025-25117
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Smart Countdown FX
Smart Countdown FX
Researcher
CVE-ID
CVE-2025-22644
CVE-2025-22644
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce
Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce
Researcher
CVE-ID
CVE-2025-22672
CVE-2025-22672
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Video & Photo Gallery for Ultimate Member
Video & Photo Gallery for Ultimate Member
Researcher
WooCommerce Cart Count Shortcode <= 1.0.4 – Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-10563
CVE-2024-10563
Patch Status
Patched
Patched
Published
Feb 5, 2025
Feb 5, 2025
Affected Software
WooCommerce Cart Count Shortcode
WooCommerce Cart Count Shortcode
Researcher
CVE-ID
CVE-2025-25085
CVE-2025-25085
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP SimpleWeather
WP SimpleWeather
Researcher
CVE-ID
CVE-2024-13403
CVE-2024-13403
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More
WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More
Researcher
CVE-ID
CVE-2025-25099
CVE-2025-25099
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Appointment Buddy Widget By Accrete
Appointment Buddy Widget By Accrete
Researcher
CVE-ID
CVE-2025-25147
CVE-2025-25147
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Auto SEO
Auto SEO
Researcher
BookPress – For Book Authors <= 1.2.7 – Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-ID
CVE-2025-25168
CVE-2025-25168
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
BookPress – For Book Authors
BookPress – For Book Authors
Researcher
CVE-ID
CVE-2024-13669
CVE-2024-13669
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
CalendApp
CalendApp
Researcher
CVE-ID
CVE-2024-12878
CVE-2024-12878
Patch Status
Patched
Patched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Custom Block Builder – Lazy Blocks
Custom Block Builder – Lazy Blocks
Researcher
Custom Comment Notifications <= 1.0.8 – Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-ID
CVE-2025-25154
CVE-2025-25154
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Custom Comment Notifications
Custom Comment Notifications
Researcher
CVE-ID
CVE-2025-25135
CVE-2025-25135
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Custom Links On Admin Dashboard Toolbar
Custom Links On Admin Dashboard Toolbar
Researcher
CVE-ID
CVE-2025-23984
CVE-2025-23984
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Dynamic URL SEO
Dynamic URL SEO
Researcher
CVE-ID
CVE-2025-25123
CVE-2025-25123
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Easy Related Posts
Easy Related Posts
Researcher
CVE-ID
CVE-2025-25125
CVE-2025-25125
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Fyrebox Quizzes
Fyrebox Quizzes
Researcher
CVE-ID
CVE-2025-25089
CVE-2025-25089
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Image Rotator
Image Rotator
Researcher
CVE-ID
CVE-2025-25166
CVE-2025-25166
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
InLocation
InLocation
Researcher
CVE-ID
CVE-2025-22679
CVE-2025-22679
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Job Board Manager
Job Board Manager
Researcher
CVE-ID
CVE-2025-22658
CVE-2025-22658
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Listings for Appfolio
Listings for Appfolio
Researcher
CVE-ID
CVE-2025-25149
CVE-2025-25149
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Login-box
Login-box
Researcher
CVE-ID
CVE-2025-25138
CVE-2025-25138
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
On Page SEO + Social Live Chat (Formerly OPS)
On Page SEO + Social Live Chat (Formerly OPS)
Researcher
CVE-ID
CVE-2024-13634
CVE-2024-13634
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Post Sync
Post Sync
Researcher
CVE-ID
CVE-2024-13629
CVE-2024-13629
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
pushBIZ – Push Notification
pushBIZ – Push Notification
Researcher
CVE-ID
CVE-2025-25156
CVE-2025-25156
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Quote Comments
Quote Comments
Researcher
CVE-ID
CVE-2024-13678
CVE-2024-13678
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
R3W InstaFeed
R3W InstaFeed
Researcher
CVE-ID
CVE-2025-25148
CVE-2025-25148
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Read More Copy Link
Read More Copy Link
Researcher
CVE-ID
CVE-2025-25075
CVE-2025-25075
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Show notice or message on admin area
Show notice or message on admin area
Researcher
CVE-ID
CVE-2025-25153
CVE-2025-25153
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Simple Auto Tag
Simple Auto Tag
Researcher
CVE-ID
CVE-2024-13633
CVE-2024-13633
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Simple catalogue
Simple catalogue
Researcher
CVE-ID
CVE-2024-10152
CVE-2024-10152
Patch Status
Patched
Patched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Simple Certain Time to Show Content
Simple Certain Time to Show Content
Researcher
CVE-ID
CVE-2025-25140
CVE-2025-25140
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Simple User Profile
Simple User Profile
Researcher
CVE-ID
CVE-2025-25152
CVE-2025-25152
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Smart DoFollow
Smart DoFollow
Researcher
Songkick Concerts and Festivals <= 0.9.7 – Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-ID
CVE-2025-25146
CVE-2025-25146
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Songkick Concerts and Festivals
Songkick Concerts and Festivals
Researcher
CVE-ID
CVE-2025-0688
CVE-2025-0688
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Spiritual Gifts Survey (and optional S.H.A.P.E survey)
Spiritual Gifts Survey (and optional S.H.A.P.E survey)
Researcher
CVE-ID
CVE-2025-0687
CVE-2025-0687
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
Spiritual Gifts Survey (and optional S.H.A.P.E survey)
Spiritual Gifts Survey (and optional S.H.A.P.E survey)
Researcher
CVE-ID
CVE-2025-25124
CVE-2025-25124
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Status Updater
Status Updater
Researcher
CVE-ID
CVE-2025-25160
CVE-2025-25160
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Style Tweaker
Style Tweaker
Researcher
CVE-ID
CVE-2025-22651
CVE-2025-22651
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Stylish Google Sheet Reader 4.0 – Seamlessly Embed Google Sheets as Responsive Data Tables
Stylish Google Sheet Reader 4.0 – Seamlessly Embed Google Sheets as Responsive Data Tables
Researcher
CVE-ID
CVE-2025-25144
CVE-2025-25144
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Theasys
Theasys
Researcher
CVE-ID
CVE-2024-13822
CVE-2024-13822
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Photo Contest | Competition | Video Contest
Photo Contest | Competition | Video Contest
Researcher
CVE-ID
CVE-2025-25104
CVE-2025-25104
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
URL-Preview-Box
URL-Preview-Box
Researcher
CVE-ID
CVE-2025-25071
CVE-2025-25071
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Vignette Ads
Vignette Ads
Researcher
CVE-ID
CVE-2024-13668
CVE-2024-13668
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
WordPress Activity-o-meter
WordPress Activity-o-meter
Researcher
CVE-ID
CVE-2025-25072
CVE-2025-25072
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP Admin Custom Page
WP Admin Custom Page
Researcher
CVE-ID
CVE-2025-25139
CVE-2025-25139
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP Custom Post RSS Feed
WP Custom Post RSS Feed
Researcher
CVE-ID
CVE-2025-25159
CVE-2025-25159
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP doodlez
WP doodlez
Researcher
CVE-ID
CVE-2024-13632
CVE-2024-13632
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
WP Extra Fields
WP Extra Fields
Researcher
CVE-ID
CVE-2025-25088
CVE-2025-25088
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP Keyword Monitor
WP Keyword Monitor
Researcher
CVE-ID
CVE-2024-13628
CVE-2024-13628
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
WP Pricing Table
WP Pricing Table
Researcher
CVE-ID
CVE-2025-25074
CVE-2025-25074
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP Social Stream
WP Social Stream
Researcher
CVE-ID
CVE-2024-13624
CVE-2024-13624
Patch Status
Unpatched
Unpatched
Published
Feb 4, 2025
Feb 4, 2025
Affected Software
WPMovieLibrary
WPMovieLibrary
Researcher
CVE-ID
CVE-2025-25126
CVE-2025-25126
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
ZMSEO
ZMSEO
Researcher
CVE-ID
CVE-2024-13850
CVE-2024-13850
Patch Status
Unpatched
Unpatched
Published
Feb 8, 2025
Feb 8, 2025
Affected Software
Simple add pages or posts
Simple add pages or posts
Researcher
CVE-ID
CVE-2025-25128
CVE-2025-25128
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Facilita Form Tracker
Facilita Form Tracker
Researcher
CVE-ID
CVE-2025-22668
CVE-2025-22668
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Awesome Event Booking
Awesome Event Booking
Researcher
CVE-ID
CVE-2024-11133
CVE-2024-11133
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Eventer – WordPress Event & Booking Manager Plugin
Eventer – WordPress Event & Booking Manager Plugin
Researcher
CVE-ID
CVE-2024-13829
CVE-2024-13829
Patch Status
Patched
Patched
Published
Feb 4, 2025
Feb 4, 2025
Researcher
CVE-ID
CVE-2025-25116
CVE-2025-25116
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Link to URL / Post
Link to URL / Post
Researcher
CVE-ID
CVE-2025-22652
CVE-2025-22652
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Payment Forms for Paystack
Payment Forms for Paystack
Researcher
CVE-ID
CVE-2025-25143
CVE-2025-25143
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
GlobalQuran
GlobalQuran
Researcher
CVE-ID
CVE-2025-25073
CVE-2025-25073
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Easy WP Tiles
Easy WP Tiles
Researcher
CVE-ID
CVE-2025-22641
CVE-2025-22641
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Notification Bar – Top Bar – Easy Sticky Notification Bar | FM Notification Bar
Notification Bar – Top Bar – Easy Sticky Notification Bar | FM Notification Bar
Researcher
CVE-ID
CVE-2025-22640
CVE-2025-22640
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Paytm Payment Donation
Paytm Payment Donation
Researcher
CVE-ID
CVE-2025-25105
CVE-2025-25105
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Pop Up
Pop Up
Researcher
CVE-ID
CVE-2025-22664
CVE-2025-22664
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Survey Maker
Survey Maker
Researcher
CVE-ID
CVE-2025-22649
CVE-2025-22649
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
CVE-ID
CVE-2025-22647
CVE-2025-22647
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
AIO Performance Profiler, Monitor, Optimize, Compress & Debug
AIO Performance Profiler, Monitor, Optimize, Compress & Debug
Researcher
CVE-ID
CVE-2025-22669
CVE-2025-22669
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Awesome Event Booking
Awesome Event Booking
Researcher
CVE-ID
CVE-2024-13514
CVE-2024-13514
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
B Slider- Gutenberg Slider Block for WP
B Slider- Gutenberg Slider Block for WP
Researcher
CVE-ID
CVE-2024-13841
CVE-2024-13841
Patch Status
Unpatched
Unpatched
Published
Feb 6, 2025
Feb 6, 2025
Researcher
CVE-ID
CVE-2025-22671
CVE-2025-22671
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Disable Elementor Editor Translation
Disable Elementor Editor Translation
Researcher
CVE-ID
CVE-2025-22673
CVE-2025-22673
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory
EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory
Researcher
CVE-ID
CVE-2025-25110
CVE-2025-25110
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Events, Calendars & Tickets – Event Kikfyre
Events, Calendars & Tickets – Event Kikfyre
Researcher
CVE-ID
CVE-2024-11134
CVE-2024-11134
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Eventer – WordPress Event & Booking Manager Plugin
Eventer – WordPress Event & Booking Manager Plugin
Researcher
CVE-ID
CVE-2025-22667
CVE-2025-22667
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Researcher
CVE-ID
CVE-2025-25103
CVE-2025-25103
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Indeed API
Indeed API
Researcher
CVE-ID
CVE-2025-25145
CVE-2025-25145
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Infusionsoft Analytics for WordPress
Infusionsoft Analytics for WordPress
Researcher
CVE-ID
CVE-2024-13607
CVE-2024-13607
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
JS Help Desk – The Ultimate Help Desk & Support Plugin
JS Help Desk – The Ultimate Help Desk & Support Plugin
Researcher
CVE-ID
CVE-2024-12046
CVE-2024-12046
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Medical Addon for Elementor
Medical Addon for Elementor
Researcher
CVE-ID
CVE-2025-25101
CVE-2025-25101
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Ready to use Gutenberg and Elementor Templates – Munk Sites
Ready to use Gutenberg and Elementor Templates – Munk Sites
Researcher
CVE-ID
CVE-2025-22643
CVE-2025-22643
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
OnePress
OnePress
Researcher
CVE-ID
CVE-2025-25107
CVE-2025-25107
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
OneStore Sites
OneStore Sites
Researcher
CVE-ID
CVE-2025-22637
CVE-2025-22637
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Print PDF Generator and Publisher
Print PDF Generator and Publisher
Researcher
CVE-ID
CVE-2025-22665
CVE-2025-22665
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
RapidLoad AI – Optimize Web Vitals Automatically
RapidLoad AI – Optimize Web Vitals Automatically
Researcher
CVE-ID
CVE-2025-25120
CVE-2025-25120
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Slide Banners
Slide Banners
Researcher
CVE-ID
CVE-2025-25121
CVE-2025-25121
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
Theme Options Z
Theme Options Z
Researcher
CVE-ID
CVE-2025-22670
CVE-2025-22670
Patch Status
Patched
Patched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
VikBooking Hotel Booking Engine & PMS
VikBooking Hotel Booking Engine & PMS
Researcher
CVE-ID
CVE-2024-9661
CVE-2024-9661
Patch Status
Patched
Patched
Published
Feb 7, 2025
Feb 7, 2025
Affected Software
WP All Import Pro
WP All Import Pro
Researcher
CVE-ID
CVE-2025-25111
CVE-2025-25111
Patch Status
Unpatched
Unpatched
Published
Feb 3, 2025
Feb 3, 2025
Affected Software
WP Spell Check
WP Spell Check
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (February 3, 2025 to February 9, 2025) appeared first on Wordfence.
