  • Cybersecurity Vulnerabilities

    Critical Alert: Unauthenticated Data Export in Chamber Dashboard Business Directory WordPress Plugin (CVE-2025-13414)

    Overview: CVE-2025-13414 is a medium-severity vulnerability in the Chamber Dashboard Business Directory plugin for WordPress. It allows unauthenticated attackers to export sensitive business directory information. The issue stems from a missing capability check in the cdash_watch_for_export() function and affects all versions up to and including 3.3.11.

    Technical Details: The cdash_watch_for_export() function, which handles data export requests, performs no authorization check: it never verifies that the user triggering the export has the capability required to perform it. As a result, an unauthenticated request can trigger the export, potentially exposing confidential…

  • Cybersecurity Vulnerabilities

    CVE-2025-13405: Ace Post Type Builder Plugin Vulnerability Allows Subscriber-Level Taxonomy Deletion

    Overview: CVE-2025-13405 is a medium-severity vulnerability in the Ace Post Type Builder plugin for WordPress. It allows authenticated attackers with Subscriber-level access or higher to delete arbitrary custom taxonomies, owing to missing authorization validation in the cptb_delete_custom_taxonomy() function. All versions up to and including 1.9 are affected. This poses a significant risk to site integrity and data management.

    Technical Details: The vulnerability resides in the cptb_delete_custom_taxonomy() function in the plugin’s core files. The function performs no authorization check, so any authenticated user, regardless of role, can trigger deletion of custom taxonomies by sending a crafted request.…

  • Cybersecurity Vulnerabilities

    CVE-2025-13404: ATEC Duplicate Page & Post Plugin Vulnerable to Unauthorized Post Duplication

    Overview: CVE-2025-13404 is a medium-severity vulnerability in the ATEC Duplicate Page & Post plugin for WordPress. It allows authenticated attackers with Contributor-level access or higher to duplicate arbitrary posts, including private and password-protected ones, without authorization validation, which can expose sensitive data.

    Technical Details: The vulnerability resides in the plugin’s duplicate_post() function. Versions up to and including 1.2.20 perform no adequate authorization check before duplicating a post: the plugin does not verify that the user is permitted to access the target post. An authenticated user with Contributor access can trigger the…

  • Cybersecurity Vulnerabilities

    CVE-2025-13389: WooCommerce OrderConvo Plugin Flaw Exposes Sensitive Order Data

    Overview: CVE-2025-13389 identifies a critical vulnerability in the “Admin and Customer Messages After Order for WooCommerce: OrderConvo” plugin for WordPress. The flaw allows unauthenticated attackers to access sensitive WooCommerce order details and private messages exchanged between customers and store administrators.

    Technical Details: The vulnerability stems from a missing capability check on the get_order_by_id() function in the wprest.class.php file. All versions of the plugin up to and including version 14 are affected. Because of this omission, an unauthenticated user can retrieve information about any order simply by supplying its ID, bypassing the intended access controls. Affected file: includes/wprest.class.php. Vulnerable…

  • Cybersecurity Vulnerabilities

    Social Images Widget Plugin Under Threat: Understanding and Mitigating CVE-2025-13386

    Overview: A critical vulnerability, CVE-2025-13386, has been discovered in the Social Images Widget plugin for WordPress. It allows unauthenticated attackers to delete the plugin’s settings by exploiting a missing capability check, a significant risk for sites that rely on the plugin to display social media images.

    Technical Details: The vulnerability stems from a missing capability check on the options_update function in the class-social-images-widget-settings.php file. Versions up to and including 2.1 do not verify that the requesting user has the permissions required to modify the…
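
The four missing-authorization entries above (Chamber Dashboard export, Ace Post Type Builder taxonomy deletion, ATEC post duplication, Social Images Widget settings) are the same bug in different clothes: a handler that acts on a request without asking who is making it. The block below is an added illustration written for this page, not code from any of those plugins. It uses a hypothetical plugin prefix `acme_` and a hypothetical post type `acme_business`, and shows the unguarded pattern beside the hardened one: an authenticated-only hook, a nonce against CSRF, and a capability check that matches what the action actually does (a site-wide capability for exports and settings, a per-object meta capability for duplicating a specific post).

```php
<?php
// Hypothetical plugin code (prefix "acme_") written for this page; not code from
// the Chamber Dashboard, Ace Post Type Builder, ATEC Duplicate Page & Post or
// Social Images Widget plugins. Post type "acme_business" is assumed.

// VULNERABLE pattern: hooked on 'init', so it runs for every request, and the
// only gate is whether the trigger parameter is present. Nobody asks who is asking.
add_action( 'init', 'acme_watch_for_export_vulnerable' );
function acme_watch_for_export_vulnerable() {
    if ( empty( $_GET['acme_export'] ) ) {
        return;
    }
    acme_stream_directory_csv(); // the whole directory, to anyone who asks
    exit;
}

// HARDENED pattern. admin_post_{action} fires only for logged-in users
// (unauthenticated requests go to admin_post_nopriv_{action}, which is not
// registered), the nonce proves the request came from a page the site rendered,
// and the capability check names exactly what the action requires.
add_action( 'admin_post_acme_export', 'acme_handle_export' );
function acme_handle_export() {
    check_admin_referer( 'acme_export_directory', 'acme_nonce' );
    if ( ! current_user_can( 'export' ) ) {
        wp_die( esc_html__( 'You are not allowed to export the directory.', 'acme' ), 403 );
    }
    acme_stream_directory_csv();
    exit;
}

// Per-object actions use meta capabilities, so the check is about *this* post
// for *this* user: a Contributor passes edit_post for their own draft but not
// for another author's private post.
add_action( 'admin_post_acme_duplicate', 'acme_handle_duplicate' );
function acme_handle_duplicate() {
    $post_id = isset( $_GET['post'] ) ? absint( $_GET['post'] ) : 0;
    check_admin_referer( 'acme_duplicate_' . $post_id );
    if ( ! $post_id || ! get_post( $post_id ) || ! current_user_can( 'edit_post', $post_id ) ) {
        wp_die( esc_html__( 'You are not allowed to duplicate this post.', 'acme' ), 403 );
    }
    $new_id = acme_clone_post( $post_id );
    wp_safe_redirect( get_edit_post_link( $new_id, 'raw' ) );
    exit;
}

// Site-wide settings belong to the site, so the relevant capability is
// manage_options (Administrators; Super Admins on multisite).
add_action( 'admin_post_acme_reset_settings', 'acme_handle_reset_settings' );
function acme_handle_reset_settings() {
    check_admin_referer( 'acme_reset_settings' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.', 'acme' ), 403 );
    }
    delete_option( 'acme_settings' );
    wp_safe_redirect( wp_get_referer() ? wp_get_referer() : admin_url() );
    exit;
}

// The link that triggers the export carries the nonce the handler verifies.
function acme_export_link() {
    return wp_nonce_url( admin_url( 'admin-post.php?action=acme_export' ), 'acme_export_directory', 'acme_nonce' );
}

function acme_stream_directory_csv() {
    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="directory.csv"' );
    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'ID', 'Name', 'Phone' ) );
    foreach ( get_posts( array( 'post_type' => 'acme_business', 'numberposts' => -1 ) ) as $biz ) {
        fputcsv( $out, array( $biz->ID, $biz->post_title, get_post_meta( $biz->ID, 'phone', true ) ) );
    }
    fclose( $out );
}

function acme_clone_post( $post_id ) {
    $src = get_post( $post_id );
    return wp_insert_post( array(
        'post_title'   => $src->post_title . ' (copy)',
        'post_content' => $src->post_content,
        'post_type'    => $src->post_type,
        'post_status'  => 'draft',
        'post_author'  => get_current_user_id(),
    ) );
}
```

Two checks, not one: the nonce defends a privileged user against being tricked into clicking, and the capability check defends the site against the user themselves. A nonce alone does nothing for the Subscriber-level cases above, because a Subscriber can obtain a valid nonce for their own session; the capability check is what stops them.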

  • Cybersecurity Vulnerabilities

    CVE-2025-13385: Critical Time-Based SQL Injection Vulnerability in Bookme WordPress Plugin

    Overview: CVE-2025-13385 is a time-based SQL injection vulnerability in the Bookme – Free Online Appointment Booking and Scheduling Plugin for WordPress, affecting all versions up to and including 4.2. Authenticated attackers with Administrator-level access or higher can inject SQL into a query, potentially extracting sensitive data from the WordPress database.

    Technical Details: The vulnerability lies in the `filter[status]` parameter handled in the plugin’s Bookings.php file. Versions 4.2 and earlier do not sufficiently sanitize this user-supplied parameter; the lack of proper escaping and insufficient preparation…
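
A status filter is a closed vocabulary, which makes it the easiest kind of parameter to fix and the most tempting one to concatenate. The block below is an added example written for this page, not the Bookme plugin's code; the table name `acme_bookings`, its columns and the status values are assumed. It shows the concatenated query that a time-based payload exploits (the attacker needs no output, only a measurable delay), then the same listing built with an allow-list and `$wpdb->prepare()`, including the case where `filter[status]` arrives as a list rather than a single value.

```php
<?php
// Hypothetical booking-list filter for a plugin with prefix "acme_"; written for
// this page, not the Bookme plugin's code. Table {prefix}acme_bookings with
// columns id, customer_id, start_at, status is assumed.

// VULNERABLE: the user-controlled value is spliced into the SQL string. A
// time-based payload in filter[status] never needs to see output; whether the
// response is delayed is the oracle, one bit per request.
function acme_list_bookings_vulnerable( array $filter ) {
    global $wpdb;
    $status = isset( $filter['status'] ) ? $filter['status'] : 'approved';
    $sql    = "SELECT id, customer_id, start_at FROM {$wpdb->prefix}acme_bookings "
            . "WHERE status = '" . $status . "' ORDER BY start_at DESC";
    return $wpdb->get_results( $sql );
}

// HARDENED: an allow-list for a closed vocabulary, then $wpdb->prepare() for
// whatever still reaches the query. Either alone is an improvement; together
// the value can neither change the query's shape nor smuggle operators in.
const ACME_BOOKING_STATUSES = array( 'pending', 'approved', 'cancelled', 'rejected' );

function acme_list_bookings( array $filter ) {
    global $wpdb;

    // filter[status] may be a scalar or a list; normalise to an array of strings.
    $requested = isset( $filter['status'] ) ? (array) $filter['status'] : array( 'approved' );
    $requested = array_map( 'sanitize_key', $requested );
    $statuses  = array_values( array_intersect( $requested, ACME_BOOKING_STATUSES ) );
    if ( empty( $statuses ) ) {
        return array(); // unknown status: nothing matches, and no query is built from it
    }

    // One %s placeholder per value; prepare() quotes and escapes each one and
    // accepts the values as a single array argument.
    $placeholders = implode( ', ', array_fill( 0, count( $statuses ), '%s' ) );
    $sql = $wpdb->prepare(
        "SELECT id, customer_id, start_at FROM {$wpdb->prefix}acme_bookings "
        . "WHERE status IN ($placeholders) ORDER BY start_at DESC",
        $statuses
    );
    return $wpdb->get_results( $sql );
}

// Sort columns are identifiers, not values, so placeholders cannot protect
// them: prepare() would quote the name and break the query. They get an
// allow-list with a safe default instead.
function acme_order_clause( $requested ) {
    $allowed = array( 'start_at', 'created_at', 'id' );
    $column  = in_array( $requested, $allowed, true ) ? $requested : 'start_at';
    return "ORDER BY {$column} DESC";
}
```

Worth noting for triage: the advisory says Administrator-level access is required, which lowers the practical severity but not to zero. An administrator already has the database credentials via wp-config.php in most deployments, so the realistic concern is a multisite setup where site administrators are not server administrators, or a stolen admin session that stops short of file access.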

  • Cybersecurity Vulnerabilities

    Urgent: Stored XSS Threat in Job Board Plugin – Update Now! (CVE-2025-13383)

    Overview: A critical vulnerability, CVE-2025-13383, has been discovered in the Job Board by BestWebSoft plugin for WordPress. It allows unauthenticated attackers to inject JavaScript that executes in the browsers of legitimate users. All versions up to and including 1.2.1 are affected. This article analyzes the vulnerability, its potential impact, and how to mitigate the risk.

    Technical Details: The vulnerability is a stored cross-site scripting (XSS) issue. It arises from the plugin saving the entire $_GET superglobal array, unsanitized, into the…
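
Persisting `$_GET` wholesale has two separable problems: the plugin stores keys and values it never intended to, and it later prints them without escaping. The block below is an added illustration written for this page, not the Job Board plugin's code. It assumes a hypothetical "last search" feature (prefix `acme_`, option name `acme_last_search`, fields `keyword`, `location`, `page`) and shows the two fixes side by side: store only the expected fields, each coerced to its type, and escape at output for the context the value lands in.

```php
<?php
// Hypothetical "saved search" feature for a plugin with prefix "acme_"; written
// for this page, not the Job Board plugin's code. The option name and field
// names are assumed.

// VULNERABLE: the entire $_GET array is persisted as-is. Any visitor can plant
// a key/value pair with one request; it executes later in the browser of
// whoever views the admin page that prints the option.
function acme_save_search_vulnerable() {
    update_option( 'acme_last_search', $_GET );
}
function acme_render_last_search_vulnerable() {
    foreach ( (array) get_option( 'acme_last_search', array() ) as $k => $v ) {
        echo "<li>$k: $v</li>"; // unescaped output of attacker-controlled data
    }
}

// HARDENED, step 1: persist only the fields the feature uses, each coerced to
// the type it is supposed to have. Unknown keys are dropped, so there is no
// way to park arbitrary strings in the option.
function acme_save_search() {
    $clean = array(
        'keyword'  => isset( $_GET['keyword'] )  ? sanitize_text_field( wp_unslash( $_GET['keyword'] ) ) : '',
        'location' => isset( $_GET['location'] ) ? sanitize_text_field( wp_unslash( $_GET['location'] ) ) : '',
        'page'     => isset( $_GET['page'] )     ? absint( $_GET['page'] ) : 1,
    );
    // Bound the size too; sanitize_text_field strips tags, not length.
    $clean['keyword']  = mb_substr( $clean['keyword'], 0, 100 );
    $clean['location'] = mb_substr( $clean['location'], 0, 100 );
    update_option( 'acme_last_search', $clean, false );
}

// HARDENED, step 2: escape at the point of output, for the context the value
// lands in. Input sanitising is not a substitute: the same value may be printed
// as HTML text, inside an attribute and inside a URL, each with its own rules.
function acme_render_last_search() {
    $s = wp_parse_args( get_option( 'acme_last_search', array() ), array(
        'keyword'  => '',
        'location' => '',
        'page'     => 1,
    ) );
    printf(
        '<li>%s in %s (page %d)</li>',
        esc_html( $s['keyword'] ),
        esc_html( $s['location'] ),
        (int) $s['page']
    );
    printf(
        '<a href="%s">Run again</a>',
        esc_url( add_query_arg(
            array( 'keyword' => $s['keyword'], 'location' => $s['location'] ),
            home_url( '/jobs/' )
        ) )
    );
}
```

The reason stored XSS in an admin-facing page rates as critical even when the payload is planted unauthenticated: the script runs with the administrator's session, and a WordPress administrator can install plugins, which turns a script injection into code execution on the server.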

  • Cybersecurity Vulnerabilities

    CVE-2025-13382: Frontend File Manager Plugin Exposes Files to Unauthorized Renaming!

    Overview: CVE-2025-13382 describes an insecure direct object reference (IDOR) vulnerability in the Frontend File Manager Plugin for WordPress. All versions up to and including 23.4 are affected. The flaw allows authenticated attackers, including those with only Subscriber-level access, to rename files uploaded by other users, because file ownership is not validated for rename requests processed by the /wpfm/v1/file-rename REST API endpoint.

    Technical Details: The vulnerability stems from the plugin’s missing authorization checks when handling file rename requests. The /wpfm/v1/file-rename REST API endpoint lets users rename files via the fileid parameter,…
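
Both REST entries on this page, the OrderConvo order lookup (CVE-2025-13389) and the file rename above, fail at the same point: the route either has no real `permission_callback` or has one that only asks "is someone logged in?" when the question is "may this caller touch this object?". The block below is an added example written for this page, not code from either plugin. It assumes a hypothetical namespace `acme/v1`, that the "file" is a WordPress attachment post, and that WooCommerce is active for the order route, and it shows the unguarded route beside routes whose `permission_callback` authenticates the caller and then checks ownership of the specific object.

```php
<?php
// Hypothetical REST routes for a plugin with namespace "acme/v1"; written for
// this page, not the OrderConvo or Frontend File Manager code. Assumes files are
// WordPress attachments and that WooCommerce is active for the order route.

add_action( 'rest_api_init', 'acme_register_routes' );
function acme_register_routes() {
    // VULNERABLE shape: '__return_true' lets any caller, authenticated or not,
    // reach the callback, and the callback then trusts the ID it was handed.
    register_rest_route( 'acme/v1', '/file-rename-vulnerable', array(
        'methods'             => 'POST',
        'callback'            => 'acme_rename_file_unchecked',
        'permission_callback' => '__return_true',
    ) );

    // HARDENED: authentication and per-object authorization live in
    // permission_callback; arguments are typed and sanitised before use.
    register_rest_route( 'acme/v1', '/file-rename', array(
        'methods'             => 'POST',
        'callback'            => 'acme_rename_file',
        'permission_callback' => 'acme_can_edit_file',
        'args'                => array(
            'fileid'  => array( 'required' => true, 'type' => 'integer', 'sanitize_callback' => 'absint' ),
            'newname' => array( 'required' => true, 'type' => 'string', 'sanitize_callback' => 'sanitize_file_name' ),
        ),
    ) );

    register_rest_route( 'acme/v1', '/order/(?P<id>\d+)', array(
        'methods'             => 'GET',
        'callback'            => 'acme_get_order',
        'permission_callback' => 'acme_can_view_order',
    ) );
}

function acme_rename_file_unchecked( WP_REST_Request $req ) {
    $file = get_post( (int) $req['fileid'] ); // nobody asked whose file this is
    wp_update_post( array( 'ID' => $file->ID, 'post_title' => (string) $req['newname'] ) );
    return rest_ensure_response( array( 'renamed' => true ) );
}

// Ownership check: the attachment must exist and the caller must be allowed to
// edit *that* attachment. As a meta capability, edit_post resolves to
// edit_others_posts when the author differs, which a Subscriber does not have.
function acme_can_edit_file( WP_REST_Request $req ) {
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'rest_forbidden', 'Authentication required.', array( 'status' => 401 ) );
    }
    $file_id = absint( $req['fileid'] );
    $file    = get_post( $file_id );
    if ( ! $file || 'attachment' !== $file->post_type ) {
        return new WP_Error( 'rest_not_found', 'No such file.', array( 'status' => 404 ) );
    }
    if ( ! current_user_can( 'edit_post', $file_id ) ) {
        return new WP_Error( 'rest_forbidden', 'Not your file.', array( 'status' => 403 ) );
    }
    return true;
}

function acme_rename_file( WP_REST_Request $req ) {
    $file_id = absint( $req['fileid'] );
    wp_update_post( array( 'ID' => $file_id, 'post_title' => $req['newname'] ) );
    return rest_ensure_response( array( 'id' => $file_id, 'title' => get_the_title( $file_id ) ) );
}

// Same pattern for an order: the record must belong to the caller unless the
// caller manages the shop. A bare is_user_logged_in() would still be an IDOR.
function acme_can_view_order( WP_REST_Request $req ) {
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'rest_forbidden', 'Authentication required.', array( 'status' => 401 ) );
    }
    $order = wc_get_order( absint( $req['id'] ) );
    if ( ! $order ) {
        return new WP_Error( 'rest_not_found', 'No such order.', array( 'status' => 404 ) );
    }
    if ( current_user_can( 'manage_woocommerce' ) || (int) $order->get_customer_id() === get_current_user_id() ) {
        return true;
    }
    return new WP_Error( 'rest_forbidden', 'Not your order.', array( 'status' => 403 ) );
}

function acme_get_order( WP_REST_Request $req ) {
    $order = wc_get_order( absint( $req['id'] ) );
    return rest_ensure_response( array(
        'id'     => $order->get_id(),
        'status' => $order->get_status(),
        'total'  => $order->get_total(),
    ) );
}
```

A quick audit check for any WordPress plugin: grep for `register_rest_route` and read every `permission_callback`. Missing ones and `__return_true` are the unauthenticated cases; ones that only call `is_user_logged_in()` on a route that takes an object ID are the IDOR candidates.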

  • Cybersecurity Vulnerabilities

    CVE-2025-13380: Critical Arbitrary File Read Vulnerability Plagues AI Engine for WordPress Plugin

    Overview: CVE-2025-13380 describes an arbitrary file read vulnerability in the AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress, affecting all versions up to and including 1.0.1. An authenticated attacker with Contributor-level access or higher can exploit the flaw to read sensitive files on the server, which can expose configuration files, database credentials, and other critical data.

    Technical Details: The vulnerability stems from two main issues:

    1. Insufficient validation in the `lqdai_update_post` AJAX endpoint: the plugin does not properly validate user-supplied file paths in the `lqdai_update_post` AJAX endpoint. This allows an attacker to manipulate…
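
When a feature must read a file whose name the client chooses, the fix is not to strip `../` but to resolve the path and prove the result is still inside the directory the feature owns. The block below is an added example written for this page, not the AI Engine plugin's code. It assumes a hypothetical feature (prefix `acme_`) that reads text templates from an `acme-templates` directory under the uploads directory, and shows the naive read beside a confinement helper that rejects stream wrappers and NUL bytes, canonicalises with `realpath()`, and does a prefix match against the canonical base.

```php
<?php
// Hypothetical template reader for a plugin with prefix "acme_"; written for
// this page, not the AI Engine plugin's code. The directory
// {uploads}/acme-templates/ and the .txt/.md allow-list are assumed.

// VULNERABLE: a caller-supplied name is read verbatim. "../../../wp-config.php"
// walks out of the intended directory, and "php://filter/..." is not a path.
function acme_read_template_vulnerable( $name ) {
    $base = wp_upload_dir()['basedir'] . '/acme-templates/';
    return file_get_contents( $base . $name );
}

/**
 * Resolve $name inside $base and confirm the result is still inside $base.
 * Returns the absolute path, or false if the name escapes the base, does not
 * exist, or is not a regular file.
 */
function acme_confine_path( $base, $name ) {
    // Reject stream wrappers and embedded NUL bytes before touching the filesystem.
    if ( ! is_string( $name ) || false !== strpos( $name, "\0" ) ) {
        return false;
    }
    if ( preg_match( '#^[a-z][a-z0-9+.-]*://#i', $name ) ) {
        return false;
    }
    $base_real = realpath( $base );
    if ( false === $base_real ) {
        return false;
    }
    $base_real = rtrim( wp_normalize_path( $base_real ), '/' ) . '/';

    // realpath() collapses "..", symlinks and repeated separators, so the
    // prefix comparison below is made on the path the kernel will actually open.
    $target = realpath( $base_real . ltrim( $name, '/\\' ) );
    if ( false === $target || ! is_file( $target ) ) {
        return false;
    }
    $target = wp_normalize_path( $target );

    // Compare against the base *with* its trailing slash; without it,
    // ".../acme-templates-private/x" would pass for ".../acme-templates".
    if ( 0 !== strpos( $target, $base_real ) ) {
        return false;
    }
    return $target;
}

// HARDENED: a capability check for the feature, an extension allow-list, and
// confinement of the resolved path. Each one rejects a different class of input.
function acme_read_template( $name ) {
    if ( ! current_user_can( 'edit_posts' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient permissions.' );
    }
    $ext = strtolower( pathinfo( $name, PATHINFO_EXTENSION ) );
    if ( ! in_array( $ext, array( 'txt', 'md' ), true ) ) {
        return new WP_Error( 'bad_type', 'Only .txt and .md templates can be read.' );
    }
    $base = wp_upload_dir()['basedir'] . '/acme-templates/';
    $path = acme_confine_path( $base, $name );
    if ( false === $path ) {
        return new WP_Error( 'bad_path', 'Template not found.' );
    }
    return file_get_contents( $path );
}
```

The ordering matters: `realpath()` runs on the joined string, not on the user's input alone, so a symlink planted inside the base that points at wp-config.php resolves to its target and then fails the prefix check. A check that only inspects the input string (looking for `..`) would have accepted that symlink.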

  • Cybersecurity Vulnerabilities

    Urgent: ProjectList WordPress Plugin Vulnerable to Arbitrary File Uploads (CVE-2025-13376)

    Overview: A critical vulnerability, CVE-2025-13376, has been discovered in the ProjectList WordPress plugin. It allows authenticated attackers with Editor-level access or higher to upload arbitrary files to the affected site’s server, which can lead to remote code execution and complete compromise of the site.

    Technical Details: The vulnerability stems from a lack of file type validation in the ProjectList plugin; the pl-add.php page is the affected component. Versions up to and including 0.3.0 are affected. The plugin does not adequately check the extension and content type of uploaded files, allowing malicious actors to bypass…
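
The client controls three things in a multipart upload, the file name, the declared Content-Type and the bytes, and an upload handler must trust none of them. The block below is an added example written for this page, not the ProjectList plugin's code. It assumes a hypothetical feature (prefix `acme_`) that accepts project images and PDFs, and shows a `move_uploaded_file()` handler that trusts the client's name beside one that checks the capability, verifies type and extension against an explicit allow-list with `wp_check_filetype_and_ext()`, hands the file to `wp_handle_upload()` with the same allow-list, and names the stored file itself.

```php
<?php
// Hypothetical upload handler for a plugin with prefix "acme_"; written for this
// page, not the ProjectList plugin's code. The allow-list reflects what the
// assumed feature needs (project images and PDFs).
require_once ABSPATH . 'wp-admin/includes/file.php'; // wp_handle_upload() on the front end

// VULNERABLE: the client-supplied name and Content-Type are trusted, the file
// lands in a web-served directory, and nothing examines the bytes.
function acme_save_attachment_vulnerable( array $file ) {
    $dir = wp_upload_dir()['basedir'] . '/acme-projects/';
    move_uploaded_file( $file['tmp_name'], $dir . $file['name'] ); // "shell.php" lands here
    return $dir . $file['name'];
}

// HARDENED: capability check, explicit extension/MIME allow-list, WordPress's
// own type and content verification, and a server-chosen file name, so the
// attacker controls neither what the file is called nor what it is treated as.
function acme_save_attachment( array $file ) {
    if ( ! current_user_can( 'upload_files' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient permissions.' );
    }
    if ( ! isset( $file['tmp_name'], $file['name'], $file['error'] ) || UPLOAD_ERR_OK !== $file['error'] ) {
        return new WP_Error( 'bad_upload', 'Upload failed.' );
    }

    // Only what this feature needs. No SVG (it can carry script), no HTML, and
    // nothing the PHP handler could be coaxed into executing.
    $allowed = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'pdf'      => 'application/pdf',
    );

    // Checks the extension against the list and, for images, that the bytes
    // decode as that image type; on a mismatch 'type' comes back empty.
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['type'] ) || empty( $check['ext'] ) ) {
        return new WP_Error( 'bad_type', 'File type not allowed.' );
    }

    $overrides = array(
        'test_form'                => false,    // not submitted via a core form
        'mimes'                    => $allowed, // re-checked inside wp_handle_upload()
        'unique_filename_callback' => 'acme_random_filename',
    );
    $result = wp_handle_upload( $file, $overrides );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'] );
    }
    return $result; // array with 'file' (path), 'url' and 'type'
}

// Server-side name: random, with the extension WordPress determined, never
// the one the client sent. $ext arrives with its leading dot.
function acme_random_filename( $dir, $name, $ext ) {
    return wp_generate_password( 20, false, false ) . $ext;
}
```

Defence in depth for the "bypass" case the entry alludes to: even with correct validation, the uploads directory should not execute PHP at all (a `php_flag engine off` or equivalent rule for the web server), so that a validation slip in any plugin yields a stored file rather than remote code execution.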