4.3
CVE-2025-62733 - WordPress Custom Sidebars by ProteusThemes plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnβ¦
Cross-Site Request Forgery (CSRF) vulnerability in ProteusThemes Custom Sidebars by ProteusThemes custom-sidebars-by-proteusthemes allows Cross Site Request Forgery.This issue affects Custom Sidebars by ProteusThemes: from n/a through <= 1.0.3.
8.8
CVE-2025-62153 - WordPress Quick Interest Slider plugin <= 3.1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Interest Slider: from n/a through <= 3.1.5.
8.8
CVE-2025-62152 - WordPress ConveyThis plugin <= 269.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.2.
8.8
CVE-2025-62151 - WordPress Virtuaria PagBank / PagSeguro para Woocommerce plugin <= 3.6.3 - Broken Access Control vuβ¦
Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce virtuaria-pagseguro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virtuaria PagBank / PagSeguro para Woocommerce: from n/a through <= 3.6.3.
7.5
CVE-2025-62109 - WordPress Geo Controller plugin <= 8.9.4 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through <= 8.9.4.
4.3
CVE-2025-62103 - WordPress Media Library File Download plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabiliβ¦
Cross-Site Request Forgery (CSRF) vulnerability in wpmediadownload Media Library File Download media-download allows Cross Site Request Forgery.This issue affects Media Library File Download: from n/a through <= 1.4.
4.3
CVE-2025-62102 - WordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1.
5.3
CVE-2025-62100 - WordPress ThemeRain Core plugin <= 1.1.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeRain Core: from n/a through <= 1.1.9.
8.5
CVE-2025-62093 - WordPress Image&Video FullScreen Background plugin <= 1.6.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Image&Video FullScreen Background lbg_fullscreen_fullwidth_slider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through <= 1.6.7.
6.5
CVE-2025-62090 - WordPress Gutenverse News β Advanced News Magazine Blog Gutenberg Blocks Addons plugin <= 3.0.2 - Bβ¦
Missing Authorization vulnerability in Jegstudio Gutenverse News β Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News β Advanced News Magazine Blog Gutenberg Blocks Addons: frβ¦