4.3
CVE-2025-67591 - WordPress JNews Paywall plugin < 12.0.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through < 12.0.1.
4.3
CVE-2025-67590 - WordPress Ultimate FAQ plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate FAQ ultimate-faqs allows Cross Site Request Forgery.This issue affects Ultimate FAQ: from n/a through <= 2.4.3.
4.3
CVE-2025-67589 - WordPress WooCommerce PDF Invoices & Packing Slips plugin <= 4.9.1 - Broken Access Control vulnerabโฆ
Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through <= 4.9.1.
4.3
CVE-2025-67588 - WordPress Elementor Website Builder plugin <= 3.33.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0.
4.3
CVE-2025-67587 - WordPress WP Gravity Forms FreshDesk Plugin plugin <= 1.3.5 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Phishing.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through <= 1.3.5.
5.3
CVE-2025-67586 - WordPress Highlight and Share plugin <= 5.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0.
4.7
CVE-2025-67585 - WordPress Flexmlsยฎ IDX plugin <= 3.15.7 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in flexmls Flexmlsยฎ IDX flexmls-idx allows Phishing.This issue affects Flexmlsยฎ IDX: from n/a through <= 3.15.7.
5.3
CVE-2025-67584 - WordPress GoDAM plugin <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6.
5.3
CVE-2025-67583 - WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15.
5.3
CVE-2025-67582 - WordPress Wbcom Designs plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1.