7.5
CVE-2025-60193 - WordPress Premmerce User Roles plugin <= 1.0.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows PHP Local File Inclusion.This issue affects Premmerce User Roles: from n/a through <= 1.0.13.
7.5
CVE-2025-60192 - WordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulne…
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for W…
7.5
CVE-2025-60191 - WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a throug…
8.1
CVE-2025-60190 - WordPress Immocaster WordPress Plugin plugin <= 1.3.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hinnerk Altenburg Immocaster WordPress Plugin immocaster allows PHP Local File Inclusion.This issue affects Immocaster WordPress Plugin: from n/a through <= 1.3.6.
7.5
CVE-2025-60189 - WordPress PoloPag – Pix Automático para Woocommerce plugin <= 2.0.9 - Local File Inclusion vulnerab…
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PoloPag PoloPag – Pix Automático para Woocommerce wc-polo-payments allows PHP Local File Inclusion.This issue affects PoloPag – Pix Automático para Woocommerce: from …
7.5
CVE-2025-60188 - WordPress Atarim plugin <= 4.2.1 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1.
4.8
CVE-2025-60187 - WordPress Atarim plugin <= 4.2.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Using Malicious Files.This issue affects Atarim: from n/a through <= 4.2.1.
7.5
CVE-2025-60074 - WordPress Lazy Load Optimizer plugin <= 1.4.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Lazy Load Optimizer lazy-load-optimizer allows PHP Local File Inclusion.This issue affects Lazy Load Optimizer: from n/a through <= 1.4.7.
7.5
CVE-2025-60073 - WordPress Responsive Sidebar plugin <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Responsive Sidebar responsive-sidebar allows PHP Local File Inclusion.This issue affects Responsive Sidebar: from n/a through <= 1.2.2.
7.1
CVE-2025-59556 - WordPress GoStore theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup GoStore gostore allows Reflected XSS.This issue affects GoStore: from n/a through < 1.6.4.