4.3
CVE-2025-62150 - WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in themesawesome History Timeline timeline-awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects History Timeline: from n/a through <= 1.0.6.
4.3
CVE-2025-62154 - WordPress AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One pluginβ¦
Missing Authorization vulnerability in recorp AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One ai-content-writing-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Content Writing Assistant (Content Writer, Chatβ¦
5.3
CVE-2025-62114 - WordPress Download Media Library plugin <= 0.2.1 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in marcelotorres Download Media Library download-media-library allows Retrieve Embedded Sensitive Data.This issue affects Download Media Library: from n/a through <= 0.2.1.
5.3
CVE-2025-62116 - WordPress AI Copilot plugin <= 1.5.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in quadlayers AI Copilot ai-copilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Copilot: from n/a through <= 1.5.2.
5.3
CVE-2025-62122 - WordPress Trash Duplicate and 301 Redirect plugin <= 1.9.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in solwininfotech Trash Duplicate and 301 Redirect trash-duplicate-and-301-redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trash Duplicate and 301 Redirect: from n/a through <= 1.9.1.
5.3
CVE-2025-62079 - WordPress WP Export Categories & Taxonomies plugin <= 1.0.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies wp-export-categories-taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through <= 1.0.3.
5.3
CVE-2025-62126 - WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through <= 1.8.3.
5.3
CVE-2025-49338 - WordPress Flowbox plugin <= 1.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Flowbox Flowbox flowbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flowbox: from n/a through <= 1.1.6.
5.3
CVE-2025-62747 - WordPress Featured Image Generator plugin <= 1.3.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Aum Watcharapon Featured Image Generator featured-image-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image Generator: from n/a through <= 1.3.4.
5.3
CVE-2025-15390 - PHPGurukul Small CRM edit-user.php authorization
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attackβ¦