0.0
CVE-2025-60086 - WordPress WP Voting Contest plugin <= 5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through <= 5.8.
8.6
CVE-2025-60084 - WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - PHP Object Injβ¦
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.3.1.
8.8
CVE-2025-60083 - WordPress PDF Invoice Builder for WooCommerce plugin <= 6.3.2 - Deserialization of untrusted data vβ¦
Deserialization of Untrusted Data vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Object Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 6.3.2.
8.8
CVE-2025-60082 - WordPress PDF for WPForms plugin <= 6.3.1 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection.This issue affects PDF for WPForms: from n/a through <= 6.3.1.
0.0
CVE-2025-60081 - WordPress PDF for Contact Form 7 plugin <= 6.3.4 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through <= 6.3.4.
0.0
CVE-2025-60080 - WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.3.0 - PHP Object Injecβ¦
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through <= 6.3.0.
0.0
CVE-2025-60079 - WordPress Parallax Section block plugin <= 1.0.9 - Broken Authentication vulnerability
Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through <= 1.0.9.
0.0
CVE-2025-60078 - WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Agence web Eoxia - Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through <= 3.0.2.
0.0
CVE-2025-60077 - WordPress YayPricing plugin <= 3.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in YayCommerce YayPricing yaypricing allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects YayPricing: from n/a through <= 3.5.3.
7.5
CVE-2025-60076 - WordPress Ray Enterprise Translation plugin <= 1.7.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jbhovik Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.1.