0.0
CVE-2025-39443 - WordPress Verge3D plugin <= 4.9.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D verge3d allows Cross Site Request Forgery.This issue affects Verge3D: from n/a through <= 4.9.0.
0.0
CVE-2025-39452 - WordPress WPCafe plugin <= 2.2.32 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics WPCafe wp-cafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through <= 2.2.32.
0.0
CVE-2025-39453 - WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.9.3 - Cross Site Request Forgery (CSโฆ
Cross-Site Request Forgery (CSRF) vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Cross Site Request Forgery.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through <= 4.9.3.
0.0
CVE-2025-39455 - WordPress IP2Location Variables plugin <= 2.9.5 - CSRF to Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in IP2Location IP2Location Variables ip2location-variables allows Reflected XSS.This issue affects IP2Location Variables: from n/a through <= 2.9.5.
0.0
CVE-2025-39456 - WordPress WP Logger plugin <= 2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in iTRON WP Logger wp-data-logger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Logger: from n/a through <= 2.2.
0.0
CVE-2025-39457 - WordPress Booking and Rental Manager plugin <= 2.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking and Rental Manager: from n/a through <= 2.2.8.
0.0
CVE-2025-39461 - WordPress Docket Cache plugin <= 24.07.02 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nawawi Jamili Docket Cache docket-cache allows PHP Local File Inclusion.This issue affects Docket Cache: from n/a through <= 24.07.02.
0.0
CVE-2025-39462 - WordPress Smart Agreements plugin <= 1.0.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in teamzt Smart Agreements smart-agreements allows PHP Local File Inclusion.This issue affects Smart Agreements: from n/a through <= 1.0.3.
0.0
CVE-2025-39464 - WordPress AdminQuickbar plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites AdminQuickbar adminquickbar allows Reflected XSS.This issue affects AdminQuickbar: from n/a through <= 1.9.1.
7.1
CVE-2025-25234 -
Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability.ย A malicious actor with network access to UAG may be able to bypass administrator-configured CORS restrictions to gain access to sensitive networks.