9.3
CVE-2025-47573 - WordPress School Management System Plugin <= 92.0.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla School Management allows Blind SQL Injection. This issue affects School Management: from n/a through 92.0.0.
8.5
CVE-2025-48118 - WordPress Woocommerce Partial Shipment plugin <= 3.2 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpExperts Hub Woocommerce Partial Shipment wc-partial-shipment allows SQL Injection.This issue affects Woocommerce Partial Shipment: from n/a through <= 3.2.
7.1
CVE-2025-48145 - WordPress Track, Analyze & Optimize by WP Tao plugin <= 1.3 - Reflected Cross Site Scripting (XSS) โฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michal Jaworski Track, Analyze & Optimize by WP Tao wp-tao allows Reflected XSS.This issue affects Track, Analyze & Optimize by WP Tao: from n/a through <= 1.3.
9.3
CVE-2025-48274 - WordPress WP Job Portal plugin <= 2.3.2 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpjobportal WP Job Portal wp-job-portal allows Blind SQL Injection.This issue affects WP Job Portal: from n/a through <= 2.3.2.
6.5
CVE-2025-49234 - WordPress WP Dummy Content Generator plugin <= 3.4.6 - Arbitrary User Deletion vulnerability
Missing Authorization vulnerability in Deepak anand WP Dummy Content Generator wp-dummy-content-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Dummy Content Generator: from n/a through <= 3.4.6.
8.1
CVE-2025-49251 - WordPress Fana theme <= 1.1.28 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through <= 1.1.28.
8.1
CVE-2025-49252 - WordPress Besa theme <= 2.3.8 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through <= 2.3.8.
8.1
CVE-2025-49253 - WordPress Lasa theme <= 1.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Lasa lasa allows PHP Local File Inclusion.This issue affects Lasa: from n/a through <= 1.1.
8.1
CVE-2025-49254 - WordPress Nika theme <= 1.2.8 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through <= 1.2.8.
8.1
CVE-2025-49255 - WordPress Ruza theme <= 1.0.7 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Ruza ruza allows PHP Local File Inclusion.This issue affects Ruza: from n/a through <= 1.0.7.