4.3
CVE-2025-62099 - WordPress Signature Add-On for Gravity Forms plugin <= 1.8.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in approveme Signature Add-On for Gravity Forms gravity-signature-forms-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through <= 1.8.6.
4.3
CVE-2025-62101 - WordPress Pardakht Delkhah plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through <= 3.0.0.
4.3
CVE-2025-63038 - WordPress WP Custom Admin Interface plugin <= 7.40 - Broken Access Control vulnerability
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through <= 7.40.
4.3
CVE-2025-62078 - WordPress Easy Upload Files During Checkout plugin <= 3.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fahad Mahmood Easy Upload Files During Checkout easy-upload-files-during-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Upload Files During Checkout: from n/a through <= 3.0.0.
4.3
CVE-2025-49339 - WordPress Direct Payments WP plugin <= 1.3.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Digages Direct Payments WP direct-payments-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through <= 1.3.2.
4.3
CVE-2025-49340 - WordPress Direct Payments WP plugin <= 1.3.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Digages Direct Payments WP direct-payments-wp allows Retrieve Embedded Sensitive Data.This issue affects Direct Payments WP: from n/a through <= 1.3.2.
4.3
CVE-2025-62083 - WordPress BoomDevs WordPress Coming Soon plugin plugin <= 1.0.4 - Sensitive Data Exposure vulnerabiβ¦
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah BoomDevs WordPress Coming Soon coming-soon-by-boomdevs allows Retrieve Embedded Sensitive Data.This issue affects BoomDevs WordPress Coming Soon: from n/a through <= 1.0.4.
4.3
CVE-2025-62113 - WordPress Co-marquage service-public.fr plugin <= 0.5.77 - Cross Site Request Forgery (CSRF) vulnerβ¦
Cross-Site Request Forgery (CSRF) vulnerability in emendo_seb Co-marquage service-public.fr co-marquage-service-public allows Cross Site Request Forgery.This issue affects Co-marquage service-public.fr: from n/a through <= 0.5.77.
4.3
CVE-2025-62115 - WordPress Hide Plugins plugin <= 1.0.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeBoy Hide Plugins hide-plugins allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hide Plugins: from n/a through <= 1.0.4.
4.3
CVE-2025-62123 - WordPress WP Gmail SMTP plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through <= 1.0.7.