| ID | Title | Description | Published/Updated | Severity | Link |
|---|---|---|---|---|---|
| CVE-2025-12130 | CVE-2025-12130 - WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors <= 2.6.4 - Cross-Site Request Forgery to Vendor Product Deletion | CVE ID : CVE-2025-12130 Published : Dec. 5, 2025, 7:26 a.m. | 1 hour ago Description : The WC Vendors – WooCommerce Multivendor, WooCommerce Market... | Fri, 05 Dec 2025 07:26:18 +0000 | Unknown | Details |
| CVE-2025-13684 | CVE-2025-13684 - ARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings Update | CVE ID : CVE-2025-13684 Published : Dec. 5, 2025, 7:26 a.m. | 1 hour ago Description : The ARK Related Posts plugin for WordPress is vulnerable to ... | Fri, 05 Dec 2025 07:26:17 +0000 | Unknown | Details |
| CVE-2025-13515 | CVE-2025-13515 - Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] | CVE ID : CVE-2025-13515 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Nouri.sh Newsletter plugin for WordPress is ... | Fri, 05 Dec 2025 07:16:11 +0000 | Unknown | Details |
| CVE-2025-12850 | CVE-2025-12850 - My auctions allegro <= 3.6.32 - Unauthenticated SQL Injection via auction_id | CVE ID : CVE-2025-12850 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The My auctions allegro plugin for WordPress is ... | Fri, 05 Dec 2025 07:16:11 +0000 | Unknown | Details |
| CVE-2025-12374 | CVE-2025-12374 - Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – User Verification <= 2.0.39 - Authentication Bypass to Account Takeover | CVE ID : CVE-2025-12374 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Email Verification, Email OTP, Block Spam Em... | Fri, 05 Dec 2025 07:16:11 +0000 | Unknown | Details |
| CVE-2025-12373 | CVE-2025-12373 - Torod – The smart shipping and delivery portal for e-shops and retailers <= 1.9 - Cross-Site Request Forgery To Plugin's Settings Modification | CVE ID : CVE-2025-12373 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Torod – The smart shipping and delivery port... | Fri, 05 Dec 2025 07:16:10 +0000 | Unknown | Details |
| CVE-2025-12355 | CVE-2025-12355 - Payaza <= 0.3.8 - Missing Authorization to Unauthenticated Order Status Update | CVE ID : CVE-2025-12355 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Payaza plugin for WordPress is vulnerable to... | Fri, 05 Dec 2025 07:16:10 +0000 | Unknown | Details |
| CVE-2025-12354 | CVE-2025-12354 - Live CSS Preview <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update | CVE ID : CVE-2025-12354 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Live CSS Preview plugin for WordPress is vul... | Fri, 05 Dec 2025 07:16:10 +0000 | Unknown | Details |
| CVE-2025-12186 | CVE-2025-12186 - Weekly Planner <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting | CVE ID : CVE-2025-12186 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Weekly Planner plugin for WordPress is vulne... | Fri, 05 Dec 2025 07:16:10 +0000 | Unknown | Details |
| CVE-2025-12093 | CVE-2025-12093 - Voidek Employee Portal <= 1.0.6 - Missing Authorization | CVE ID : CVE-2025-12093 Published : Dec. 5, 2025, 7:16 a.m. | 1 hour, 10 minutes ago Description : The Voidek Employee Portal plugin for WordPress ... | Fri, 05 Dec 2025 07:16:08 +0000 | Unknown | Details |
| CVE-2025-66270 | CVE-2025-66270 - KDE Connect GSConnect Valent Device ID Correlation Vulnerability | CVE ID : CVE-2025-66270 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The KDE Connect protocol 8 before 2025-11-28 do... | Fri, 05 Dec 2025 06:16:09 +0000 | Unknown | Details |
| CVE-2025-32900 | CVE-2025-32900 - KDE Connect Information Exposure Vulnerability | CVE ID : CVE-2025-32900 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : In the KDE Connect information-exchange protoco... | Fri, 05 Dec 2025 06:16:08 +0000 | Unknown | Details |
| CVE-2025-13860 | CVE-2025-13860 - Easy Jump Links Menus <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | CVE ID : CVE-2025-13860 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The Easy Jump Links Menus plugin for WordPress ... | Fri, 05 Dec 2025 06:16:08 +0000 | Unknown | Details |
| CVE-2025-13625 | CVE-2025-13625 - WP-SOS-Donate Donation Sidebar Plugin <= 0.9.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] | CVE ID : CVE-2025-13625 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The WP-SOS-Donate Donation Sidebar Plugin for W... | Fri, 05 Dec 2025 06:16:08 +0000 | Unknown | Details |
| CVE-2025-13623 | CVE-2025-13623 - Twitscription <= 0.1.1 - Reflected Cross-Site Scripting via admin.php PATH_INFO | CVE ID : CVE-2025-13623 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The Twitscription plugin for WordPress is vulne... | Fri, 05 Dec 2025 06:16:08 +0000 | Unknown | Details |
| CVE-2025-13622 | CVE-2025-13622 - Jabbernotification <= 0.99-RC2 - Reflected Cross-Site Scripting via admin.php PATH_INFO | CVE ID : CVE-2025-13622 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The Jabbernotification plugin for WordPress is ... | Fri, 05 Dec 2025 06:16:08 +0000 | Unknown | Details |
| CVE-2025-13621 | CVE-2025-13621 - dream gallery <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'dreampluginsmain' AJAX Action | CVE ID : CVE-2025-13621 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The dream gallery plugin for WordPress is vulne... | Fri, 05 Dec 2025 06:16:08 +0000 | Unknown | Details |
| CVE-2025-13528 | CVE-2025-13528 - Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter | CVE ID : CVE-2025-13528 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The Feedback Modal for Website plugin for WordP... | Fri, 05 Dec 2025 06:16:07 +0000 | Unknown | Details |
| CVE-2025-13512 | CVE-2025-13512 - CoSign Single Signon <= 0.3.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] | CVE ID : CVE-2025-13512 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The CoSign Single Signon plugin for WordPress i... | Fri, 05 Dec 2025 06:16:07 +0000 | Unknown | Details |
| CVE-2025-13360 | CVE-2025-13360 - Quantic Social Image Hover <= 1.0.8 - Cross-Site Request Forgery to Settings Update | CVE ID : CVE-2025-13360 Published : Dec. 5, 2025, 6:16 a.m. | 2 hours, 10 minutes ago Description : The Quantic Social Image Hover plugin for WordP... | Fri, 05 Dec 2025 06:16:07 +0000 | Unknown | Details |
Cached data expires in 24 hours. Health Check