8.8
CVE-2025-62751 - WordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerability
Missing Authorization vulnerability in extendthemes Vireo vireo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Vireo: from n/a through <= 1.0.24.
0.0
CVE-2025-62133 - WordPress FormFacade plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in manidoraisamy FormFacade formfacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through <= 1.4.1.
0.0
CVE-2025-63014 - WordPress Gmedia Photo Gallery plugin <= 1.25.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows Cross Site Request Forgery.This issue affects Gmedia Photo Gallery: from n/a through <= 1.25.0.
0.0
CVE-2025-62089 - WordPress Mergado Pack plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack mergado-marketing-pack allows Cross Site Request Forgery.This issue affects Mergado Pack: from n/a through <= 4.2.1.
0.0
CVE-2025-62084 - WordPress iNext Woo Pincode Checker plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerabiliβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Imdad Next Web iNext Woo Pincode Checker inext-woo-pincode-checker allows Cross Site Request Forgery.This issue affects iNext Woo Pincode Checker: from n/a through <= 2.3.1.
0.0
CVE-2025-62143 - WordPress Post Video Players plugin <= 1.163 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in nicashmu Post Video Players video-playlist-and-gallery-plugin allows Retrieve Embedded Sensitive Data.This issue affects Post Video Players: from n/a through <= 1.163.
0.0
CVE-2025-62148 - WordPress Robots.txt rewrite plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Eugen Bobrowski Robots.txt rewrite robotstxt-rewrite allows Cross Site Request Forgery.This issue affects Robots.txt rewrite: from n/a through <= 1.6.1.
0.0
CVE-2025-62080 - WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Cross Site Request Forβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Channelize.io Team Live Shopping & Shoppable Videos For WooCommerce live-shopping-video-streams allows Cross Site Request Forgery.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through <= 2.2.0.
0.0
CVE-2025-62150 - WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in themesawesome History Timeline timeline-awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects History Timeline: from n/a through <= 1.0.6.
0.0
CVE-2025-62154 - WordPress AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One pluginβ¦
Missing Authorization vulnerability in recorp AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One ai-content-writing-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Content Writing Assistant (Content Writer, Chatβ¦