0.0
CVE-2025-64639 - WordPress WP Compress for MainWP plugin <= 6.50.07 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through <= 6.50.07.
0.0
CVE-2025-64638 - WordPress OnPay.io for WooCommerce plugin <= 1.0.47 - Broken Access Control vulnerability
Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommerce onpay-io-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnPay.io for WooCommerce: from n/a through <= 1.0.47.
0.0
CVE-2025-64635 - WordPress Feeds for YouTube plugin <= 2.4.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi Feeds for YouTube feeds-for-youtube allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Feeds for YouTube: from n/a through <= 2.4.0.
0.0
CVE-2025-64634 - WordPress Avada theme <= 7.13.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeFusion Avada avada allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Avada: from n/a through <= 7.13.1.
0.0
CVE-2025-64633 - WordPress Norebro Extra plugin <= 1.6.8 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in colabrio Norebro Extra norebro-extra allows Code Injection.This issue affects Norebro Extra: from n/a through <= 1.6.8.
0.0
CVE-2025-64632 - WordPress Google XML Sitemaps plugin <= 4.1.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in Auctollo Google XML Sitemaps google-sitemap-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google XML Sitemaps: from n/a through <= 4.1.21.
0.0
CVE-2025-64631 - WordPress WCFM Marketplace plugin <= 3.6.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Marketplace: from n/a through <= 3.6.15.
0.0
CVE-2025-64630 - WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.19.
0.0
CVE-2025-64253 - WordPress Health Check & Troubleshooting plugin <= 1.7.1 - Path Traversal vulnerability
Path Traversal: '.../...//' vulnerability in WordPress.org Health Check & Troubleshooting health-check allows Path Traversal.This issue affects Health Check & Troubleshooting: from n/a through <= 1.7.1.
0.0
CVE-2025-64251 - WordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through <= 3.9.3.