AI-Powered CVE Analysis for WordPress Plugins

The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2 due to missing validation on a user controlled key in the `action` function. This makes it possible for authenticated attackers, with Author-level access and above, to update post metadata for arbitrary posts. Combined with a…

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the add_menu_item() method hooked to admin_menu in all versions up to, and including, 4.5.8. This is due to the method performing wp_insert_post() and update_post_meta() calls to create a sharing configuration without…

The Website LLMs.txt plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 8.2.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such…

The Penci Soledad Data Migrator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an…

The BuilderPress plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.1. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data,…

The WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.0.7. This makes it possible for unauthenticated attackers to perform an unauthorized action.

The Timetics – Appointment Booking Calendar & Scheduling System plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to 1.0.52 (exclusive). This makes it possible for unauthenticated attackers to perform an unauthorized action.

The Divi Booster plugin for WordPress is vulnerable to PHP Object Injection in versions up to 5.0.2 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or…

The Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to 1.6.1 (exclusive). This makes it possible for authenticated attackers, with Contributor-level access and above, to perform an…

The Mobile App Editor – WordPress to Android App Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.3.1. This makes it possible for authenticated attackers, with Editor-level access and above, to upload arbitrary files on the affected site's server which…

The Datalogics Ecommerce Delivery – Datalogics plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.6.60 (exclusive). This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

The MetForm Pro plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.9.1. This makes it possible for unauthenticated attackers to perform an unauthorized action.

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.7.1. This makes it possible for unauthenticated attackers to bypass authentication.

The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.0.8.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with editor-level access and…

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.1.0.30. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

The Reading progressbar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This…

The Guest posting / Frontend Posting / Front Editor – WP Front User Submit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to 5.0.6 (exclusive). This makes it possible for unauthenticated attackers to extract sensitive user or configuration data.

The Everest Forms Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.9.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.7.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract sensitive user or configuration data.

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions in the SendEmailAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch_lp_ajax() dispatcher verifies a wp_rest nonce but performs no current_user_can() check before dispatching to handler functions. The…