5.3
CVE-2025-64632 - WordPress Google XML Sitemaps plugin <= 4.1.22 - Broken Access Control vulnerability
Missing Authorization vulnerability in Auctollo Google XML Sitemaps google-sitemap-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google XML Sitemaps: from n/a through <= 4.1.22.
5
CVE-2025-64631 - WordPress WCFM Marketplace plugin <= 3.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Marketplace: from n/a through <= 3.7.1.
4.7
CVE-2025-64630 - WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.19.
4.9
CVE-2025-64253 - WordPress Health Check & Troubleshooting plugin <= 1.7.1 - Path Traversal vulnerability
Path Traversal: '.../...//' vulnerability in WordPress.org Health Check & Troubleshooting health-check allows Path Traversal.This issue affects Health Check & Troubleshooting: from n/a through <= 1.7.1.
4.9
CVE-2025-64251 - WordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through <= 3.9.3.
6.1
CVE-2025-64250 - WordPress Directorist plugin <= 8.6.6 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through <= 8.6.6.
4.8
CVE-2025-64249 - WordPress Protect WP Admin plugin <= 4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP-EXPERTS.IN Protect WP Admin protect-wp-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protect WP Admin: from n/a through <= 4.1.
4.3
CVE-2025-64248 - WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through <= 2.5.3.
6.5
CVE-2025-64247 - WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through <= 3.5.5.1.
4.3
CVE-2025-64246 - WordPress Accessibility by AudioEye plugin <= 1.0.49 - Broken Access Control vulnerability
Missing Authorization vulnerability in netopsae Accessibility by AudioEye accessibility-by-audioeye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility by AudioEye: from n/a through <= 1.0.49.