0.0
CVE-2025-55707 - WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through <= 4.1.35.
0.0
CVE-2025-54751 - WordPress PostX plugin <= 4.1.36 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 4.1.36.
0.0
CVE-2025-54748 - WordPress MapSVG Plugin < 8.6.12 - Arbitrary File Download Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through < 8.6.12.
0.0
CVE-2025-54745 - WordPress miniOrange's Google Authenticator Plugin <= 6.1.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in miniOrange miniOrange's Google Authenticator miniorange-2-factor-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects miniOrange's Google Authenticator: from n/a through <= 6.1.1.
0.0
CVE-2025-54743 - WordPress Download After Email Plugin 2.1.5-2.1.6 - Other Vulnerability Type Vulnerability
Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through 2.1.5-2.1.6.
0.0
CVE-2025-54741 - WordPress Super Blank Plugin <= 1.2.0 - Arbitrary Content Deletion Vulnerability
Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Blank: from n/a through <= 1.2.0.
0.0
CVE-2025-54723 - WordPress DentiCare Theme < 1.4.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object Injection.This issue affects DentiCare: from n/a through < 1.4.3.
0.0
CVE-2025-53453 - WordPress Hygia theme <= 1.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Hygia hygia allows PHP Local File Inclusion.This issue affects Hygia: from n/a through <= 1.16.
0.0
CVE-2025-53449 - WordPress Convex theme <= 1.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Convex convex allows PHP Local File Inclusion.This issue affects Convex: from n/a through <= 1.11.
0.0
CVE-2025-53448 - WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through <= 1.1.