7.5
CVE-2023-25995 - WordPress AI Mortgage Calculator <= 1.0.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator allows PHP Local File Inclusion. This issue affects AI Mortgage Calculator: from n/a through 1.0.1.
6.5
CVE-2023-25997 - WordPress Sola Support Ticket <= 3.17 - Arbitrary Content Deletion Vulnerability
Missing Authorization vulnerability in SolaPlugins Sola Support Ticket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sola Support Ticket: from n/a through 3.17.
5.9
CVE-2023-26000 - WordPress Bang tinh vay <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay allows Stored XSS. This issue affects Bang tinh vay: from n/a through 1.0.1.
5.9
CVE-2023-26001 - WordPress Next Event Calendar <= 1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marchetti Design Next Event Calendar allows Stored XSS. This issue affects Next Event Calendar: from n/a through 1.2.
4.3
CVE-2023-26002 - WordPress 6Storage Rentals <= 2.19.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.19.5.
7.6
CVE-2023-26003 - WordPress WP Post Corrector <= 1.0.2 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector allows SQL Injection. This issue affects WP Post Corrector: from n/a through 1.0.2.
5.3
CVE-2025-23969 - WordPress KI Live Video Conferences plugin <= 5.5.15 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through <= 5.5.15.
5.3
CVE-2025-23971 - WordPress KI Live Video Conferences plugin <= 5.5.15 - Broken Access Control Vulnerability
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through <= 5.5.15.
5.4
CVE-2025-24762 - WordPress TicketBAI Facturas para WooCommerce plugin <= 3.45 - Broken Access Control vulnerability
Missing Authorization vulnerability in facturaone TicketBAI Facturas para WooCommerce wp-ticketbai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TicketBAI Facturas para WooCommerce: from n/a through <= 3.45.
5.3
CVE-2025-24763 - WordPress bbPress API plugin <= 1.0.14 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Pascal Casier bbPress API bbp-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects bbPress API: from n/a through <= 1.0.14.