10
CVE-2025-47637 - WordPress STAGGS plugin <= 2.11.0 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS staggs allows Upload a Web Shell to a Web Server.This issue affects STAGGS: from n/a through <= 2.11.0.
9.3
CVE-2025-47640 - WordPress Printcart Web to Print Product Designer for WooCommerce plugin <= 2.4.0 - SQL Injection Vβ¦
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows SQL Injection.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a thrβ¦
10
CVE-2025-47641 - WordPress Printcart Web to Print Product Designer for WooCommerce plugin <= 2.3.9 - Arbitrary File β¦
Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Upload a Web Shell to a Web Server.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.3.9.
10
CVE-2025-47642 - WordPress Ajar in5 Embed plugin <= 3.1.5 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.5.
9.8
CVE-2025-47646 - WordPress PSW Front-end Login & Registration plugin <= 1.13 - Broken Authentication Vulnerability
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password Recovery Exploitation.This issue affects PSW Front-end Login & Registration: from n/a through <= 1.13.
9.9
CVE-2025-47658 - WordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulneraβ¦
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a tβ¦
8.8
CVE-2025-47660 - WordPress WC Affiliate plugin <= 2.16 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate wc-affiliate allows Object Injection.This issue affects WC Affiliate: from n/a through <= 2.16.
9.9
CVE-2025-47663 - WordPress Hospital Management System plugin <= 47.0(20-11-2023) - Arbitrary File Upload vulnerabiliβ¦
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11.
8.1
CVE-2025-47670 - WordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <=β¦
7.6
CVE-2025-47671 - WordPress Binary MLM Plan plugin <= 3.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through <= 3.0.