• Cybersecurity Vulnerabilities

    URGENT: Critical CSRF Vulnerability Discovered in Photo Gallery by Ays WordPress Plugin (CVE-2025-13685)

    Overview A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-13685, has been discovered in the Photo Gallery by Ays plugin for WordPress. This vulnerability affects versions up to and including 6.4.8. An unauthenticated attacker can exploit this flaw to perform bulk actions, such as deleting, publishing, or unpublishing galleries, if they can trick an administrator into clicking a malicious link or performing another action that unknowingly triggers the forged request. Technical Details The vulnerability stems from the missing nonce verification in the process_bulk_action() function. Specifically, the code responsible for handling bulk actions within the plugin does not properly validate that…

  • Cybersecurity Vulnerabilities

    CVE-2025-13140: SurveyJS WordPress Plugin Vulnerable to CSRF – Delete Your Surveys Now!

Published: 2025-12-02T07:15:48.520 Overview A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-13140, affects the SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress. This vulnerability exists in all versions up to and including 1.12.20. An unauthenticated attacker can exploit this flaw to delete surveys if they can trick a site administrator into clicking a malicious link or performing an action that triggers a forged request. Technical Details The vulnerability stems from a missing nonce validation on the SurveyJS_DeleteSurvey AJAX action. WordPress nonces are action- and user-specific, time-limited tokens derived from a server-side secret; a page on another origin cannot obtain one, so a handler that verifies the nonce can reject a forged request even though the victim's browser attaches the administrator's session cookie to it. Without proper nonce…

  • Cybersecurity Vulnerabilities

    Urgent Security Alert: Stored XSS Vulnerability Found in WP Social Ninja Plugin (CVE-2025-13007)

    Overview A significant security vulnerability, identified as CVE-2025-13007, has been discovered in the WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets plugin for WordPress. This vulnerability is a Stored Cross-Site Scripting (XSS) flaw, affecting all versions up to and including 3.20.3. It allows unauthenticated attackers to inject malicious JavaScript code into pages, potentially compromising user accounts and website security. Technical Details The root cause of this vulnerability lies in the plugin’s insufficient input sanitization and output escaping when handling content sourced from external platforms, such as Google Business Profile and Facebook. Specifically, the plugin fails to properly…

  • Cybersecurity Vulnerabilities

    Critical Alert: SQL Injection Flaw in Visualizer WordPress Plugin (CVE-2025-12483)

    Overview CVE-2025-12483 identifies a Medium severity SQL Injection vulnerability found in the Visualizer: Tables and Charts Manager plugin for WordPress. This flaw affects versions up to and including 3.11.12. Successful exploitation could allow authenticated attackers with Contributor-level access or higher to inject malicious SQL queries, potentially leading to sensitive data extraction from the WordPress database. The vulnerability is resolved in versions 3.11.14 and later. Technical Details The vulnerability resides within the plugin’s handling of the ‘query’ parameter. Specifically, insufficient escaping of user-supplied input and inadequate preparation of the existing SQL query create an opportunity for SQL Injection. The affected files…

  • Cybersecurity Vulnerabilities

    Donation WordPress Plugin Vulnerability: Critical SQL Injection Flaw Uncovered (CVE-2025-13001)

    Overview A critical SQL injection vulnerability has been identified in the Donation WordPress plugin, affecting versions up to and including 1.0. This vulnerability, tracked as CVE-2025-13001, allows authenticated users with high privileges, such as administrators, to potentially execute arbitrary SQL queries on the WordPress database. This can lead to a complete compromise of the website. It is crucial to update or remove this plugin immediately. Technical Details CVE-2025-13001 stems from a lack of proper sanitization and escaping of user-supplied input within the Donation plugin. Specifically, a parameter used in a SQL query is not adequately validated before being incorporated into…

  • Cybersecurity Vulnerabilities

    Urgent Security Alert: SQL Injection Flaw Plagues db-access WordPress Plugin (CVE-2025-13000)

    Important: This post details a known security vulnerability. If you are using the db-access WordPress plugin, please read this carefully and take immediate action to protect your website. Overview CVE-2025-13000 identifies a critical SQL injection vulnerability found in the db-access WordPress plugin, affecting versions up to and including 0.8.7. This flaw stems from the lack of proper authorization checks within an AJAX action, allowing authenticated users (even those with minimal privileges, such as subscribers) to potentially execute arbitrary SQL queries against the WordPress database. Technical Details The vulnerability resides in an AJAX endpoint within the db-access plugin that lacks sufficient…
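    The three SQL injection entries above (Visualizer, Donation, db-access) share the same two root causes: user input concatenated into a query instead of bound through $wpdb->prepare(), and an AJAX action reachable by any logged-in user because it never checks a capability. The following is an added example written for this page, not code from any of those plugins: a hypothetical "find donations by donor" AJAX lookup, first as the vulnerable pattern and then hardened. The plugin prefix exd_, the table exd_donations, its columns, and the manage_options capability are all assumptions.

```php
<?php
/**
 * Added example (not code from any plugin named on this page): a hypothetical
 * AJAX lookup of donations by donor name, vulnerable and hardened.
 * Plugin prefix, table name, column names and the required capability are assumptions.
 */

// VULNERABLE: the donor parameter is interpolated into the SQL string and the
// handler checks neither authorisation nor a nonce. wp_ajax_* fires for any
// logged-in user, so a subscriber-level account can reach it.
function exd_find_vulnerable() {
	global $wpdb;
	$donor = wp_unslash( $_GET['donor'] ?? '' );
	$sql   = "SELECT id, amount FROM {$wpdb->prefix}exd_donations WHERE donor LIKE '%" . $donor . "%'";
	// A hypothetical donor value such as
	//   ' UNION SELECT user_login, user_pass FROM wp_users -- 
	// closes the string literal and turns this lookup into a credential dump.
	wp_send_json_success( $wpdb->get_results( $sql, ARRAY_A ) );
}
add_action( 'wp_ajax_exd_find_vulnerable', 'exd_find_vulnerable' );

// HARDENED: nonce (CSRF), capability (authorisation), then a prepared query.
function exd_find_hardened() {
	global $wpdb;
	check_ajax_referer( 'exd_find', 'nonce' ); // wp_die( -1, 403 ) on failure
	if ( ! current_user_can( 'manage_options' ) ) {
		wp_send_json_error( 'forbidden', 403 );
	}
	$donor = sanitize_text_field( wp_unslash( $_GET['donor'] ?? '' ) );
	if ( '' === $donor ) {
		wp_send_json_error( 'donor required', 400 );
	}
	// prepare() quotes the bound value; esc_like() keeps a user-supplied
	// % or _ literal so it cannot widen the LIKE pattern.
	$like = '%' . $wpdb->esc_like( $donor ) . '%';
	$sql  = $wpdb->prepare(
		"SELECT id, amount FROM {$wpdb->prefix}exd_donations WHERE donor LIKE %s ORDER BY id DESC LIMIT %d",
		$like,
		50
	);
	wp_send_json_success( $wpdb->get_results( $sql, ARRAY_A ) );
}
add_action( 'wp_ajax_exd_find_hardened', 'exd_find_hardened' );

// Identifiers (ORDER BY column, table name) cannot be bound with prepare();
// the only safe handling is an allow-list that maps input to a fixed name.
function exd_sort_column( $requested ) {
	$allowed = array( 'id', 'amount', 'donor' );
	return in_array( $requested, $allowed, true ) ? $requested : 'id';
}
```

    Two points worth checking in any plugin you audit: $wpdb->prepare() only protects values, so a sort column or table name taken from the request needs an allow-list like exd_sort_column(); and a nonce is not authorisation, so an endpoint that runs SQL on the caller's behalf still needs current_user_can() with a capability that matches the damage the query can do.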

  • Cybersecurity Vulnerabilities

    CVE-2025-13606: Critical CSRF Vulnerability in Export All Posts Plugin Exposes Sensitive WordPress Data

    Overview A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-13606, has been discovered in the “Export All Posts, Products, Orders, Refunds & Users” WordPress plugin. This vulnerability affects all versions up to and including 2.19. It allows unauthenticated attackers to potentially export sensitive information from a WordPress site by exploiting a missing or incorrect nonce validation on the parseData function. This could lead to the exposure of user data, email addresses, password hashes, WooCommerce data, and other sensitive information. Technical Details The vulnerability stems from the lack of proper CSRF protection within the parseData function of the plugin. A missing…
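    The three CSRF entries above (Photo Gallery by Ays bulk actions, SurveyJS delete, Export All Posts parseData) are the same bug: a privileged handler that never verifies a nonce. The following is an added example written for this page, not code from any of those plugins: a hypothetical gallery bulk-delete AJAX action shown without a nonce check and then hardened, together with the admin-side code that issues the nonce. The plugin prefix exg_, the post type exg_gallery, the action names and the admin.js file are assumptions.

```php
<?php
/**
 * Added example (not code from any plugin named on this page): a hypothetical
 * bulk-delete AJAX action for galleries, vulnerable and hardened.
 * Plugin prefix, post type, action names and script file are assumptions.
 */

// Assumed: galleries are stored as a custom post type.
define( 'EXG_POST_TYPE', 'exg_gallery' );

// VULNERABLE: any request to admin-ajax.php?action=exg_bulk_vulnerable that
// carries an administrator's cookies is honoured. A form on another origin can
// POST here; the victim's browser attaches the session cookie automatically.
function exg_bulk_vulnerable() {
	$ids = array_map( 'intval', (array) ( $_POST['ids'] ?? array() ) );
	foreach ( $ids as $id ) {
		wp_delete_post( $id, true );
	}
	wp_send_json_success( count( $ids ) );
}
add_action( 'wp_ajax_exg_bulk_vulnerable', 'exg_bulk_vulnerable' );

// HARDENED: the nonce proves the request came from a page WordPress served to
// this user (CSRF defence); the capability check proves the user may act
// (authorisation). Both are required; a nonce does not replace current_user_can().
function exg_bulk_hardened() {
	check_ajax_referer( 'exg_bulk_action', 'nonce' ); // wp_die( -1, 403 ) on failure
	if ( ! current_user_can( 'delete_posts' ) ) {
		wp_send_json_error( 'forbidden', 403 );
	}
	$ids     = array_map( 'intval', (array) ( $_POST['ids'] ?? array() ) );
	$deleted = 0;
	foreach ( $ids as $id ) {
		// Per-object check: the user must be allowed to delete *this* gallery,
		// and the ID must actually be a gallery, not some other post.
		if ( EXG_POST_TYPE === get_post_type( $id ) && current_user_can( 'delete_post', $id ) ) {
			if ( wp_delete_post( $id, true ) ) {
				$deleted++;
			}
		}
	}
	wp_send_json_success( $deleted );
}
add_action( 'wp_ajax_exg_bulk_hardened', 'exg_bulk_hardened' );

// Issue the nonce to the plugin's admin script so legitimate requests can carry
// it as the "nonce" POST field that check_ajax_referer() looks for.
function exg_enqueue_admin_script( $hook ) {
	if ( 'edit.php' !== $hook ) {
		return;
	}
	wp_enqueue_script( 'exg-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
	wp_localize_script(
		'exg-admin',
		'exgAjax',
		array(
			'url'   => admin_url( 'admin-ajax.php' ),
			'nonce' => wp_create_nonce( 'exg_bulk_action' ),
		)
	);
}
add_action( 'admin_enqueue_scripts', 'exg_enqueue_admin_script' );
```

    "Unauthenticated" in these advisories means the attacker needs no account of their own. The wp_ajax_{action} hook still only fires for a logged-in user; that user is the victim administrator, whose browser supplies the authentication. Note also that wp_verify_nonce() and check_ajax_referer() accept a nonce for roughly 12 to 24 hours, so a nonce leaked through a referrer or a shared screenshot stays usable for that window.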

  • Cybersecurity Vulnerabilities

    Urgent Security Alert: Stored XSS in Kadence WooCommerce Email Designer Plugin (CVE-2025-13387)

    Overview A high-severity Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Kadence WooCommerce Email Designer plugin for WordPress. This vulnerability, tracked as CVE-2025-13387, affects all versions up to and including 1.5.17. Unauthenticated attackers can exploit this flaw to inject malicious JavaScript code into your WordPress site, potentially compromising user accounts and sensitive data. Technical Details The vulnerability stems from insufficient input sanitization and output escaping of the customer name within the plugin. Specifically, when an order is placed, the customer’s name is used within the email templates managed by the Kadence WooCommerce Email Designer. An attacker can inject…
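    The two stored XSS entries above (WP Social Ninja rendering content pulled from Google Business Profile and Facebook, Kadence rendering the customer's name into email templates) both fail by writing an untrusted string into HTML without escaping for the context it lands in. The following is an added example written for this page, not code from either plugin: a customer name and a third-party review rendered first unescaped and then with context-specific escaping, plus a template substitution helper. The function names, data shapes and sample inputs are constructed assumptions.

```php
<?php
/**
 * Added example (not code from any plugin named on this page): rendering
 * untrusted strings (an order's billing name, a review fetched from a
 * third-party platform) into HTML. Function names and data shapes are assumptions.
 */

// Constructed sample input: what an attacker might submit as a first name at
// checkout, and what a poisoned third-party review feed might return.
// Sanitising on input is not enough on its own; the value must be escaped for
// the context it is written into at the point of output.
$order_billing_first_name = '<img src=x onerror=alert(document.cookie)>';
$review = array(
	'author' => 'Eve "><script>alert(1)</script>',
	'text'   => 'Great store! <b>Recommended</b> <a href="javascript:alert(1)">deal</a>',
	'url'    => 'javascript:alert(1)',
);

// VULNERABLE: untrusted values concatenated straight into markup.
function exs_render_vulnerable( $name, $review ) {
	$html  = '<p>Hi ' . $name . ', thanks for your order.</p>';
	$html .= '<div class="review" data-author="' . $review['author'] . '">';
	$html .= $review['text'];
	$html .= ' <a href="' . $review['url'] . '">source</a></div>';
	return $html;
}

// HARDENED: one escaping function per output context.
function exs_render_hardened( $name, $review ) {
	// Text node: esc_html() encodes <, >, &, " and '.
	$html  = '<p>Hi ' . esc_html( $name ) . ', thanks for your order.</p>';
	// Attribute value: esc_attr() so a stray " cannot close the attribute.
	$html .= '<div class="review" data-author="' . esc_attr( $review['author'] ) . '">';
	// Review text may legitimately carry simple markup: wp_kses_post() keeps the
	// post-safe subset (<b> survives) and strips <script> and javascript: hrefs.
	$html .= wp_kses_post( $review['text'] );
	// URL: esc_url() returns '' for schemes outside wp_allowed_protocols().
	$href = esc_url( $review['url'] );
	if ( '' !== $href ) {
		$html .= ' <a href="' . $href . '">source</a>';
	}
	$html .= '</div>';
	return $html;
}

// Email templates are HTML too and are rendered by web mail clients and by the
// admin preview. Escape when substituting the token, not when storing the name.
function exs_fill_email_template( $template, $order_name ) {
	return str_replace( '{customer_name}', esc_html( $order_name ), $template );
}
```

    The practical check when auditing a plugin that ingests external content: find every echo or string concatenation of a value that came from an order, a form, or a remote API response, and confirm an esc_html(), esc_attr(), esc_url() or wp_kses_post() call sits directly at that output point. A sanitize_text_field() on the way into the database does not protect a later template that emits the value into an attribute or a script block.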

  • Cybersecurity Vulnerabilities

    Critical Remote DoS Vulnerability in MediaTek Modems (CVE-2025-20792)

    Overview CVE-2025-20792 describes a significant vulnerability affecting MediaTek modem components. This vulnerability allows for a remote denial-of-service (DoS) attack without requiring any user interaction. The attacker needs to control a rogue base station to which a vulnerable device connects. Technical Details The vulnerability stems from improper input validation within the modem software. When a device connects to a rogue base station, the attacker can send maliciously crafted data that triggers a system crash due to this flawed validation. The Patch ID for this vulnerability is MOLY01717526, and the Issue ID is MSV-5591. Specifically, the modem fails to adequately sanitize incoming…

  • Cybersecurity Vulnerabilities

    Critical MediaTek Modem Vulnerability (CVE-2025-20791) Exposes Devices to Remote DoS

    Overview CVE-2025-20791 is a critical vulnerability affecting MediaTek modem components. This flaw stems from incorrect error handling within the modem firmware, potentially leading to a system crash. A successful exploit can result in a remote denial-of-service (DoS) condition, effectively rendering the affected device unusable. The vulnerability is particularly concerning as it requires no user interaction and can be triggered remotely by a malicious actor controlling a rogue base station. Technical Details The specific vulnerability, identified as Issue ID MSV-4298, arises from improper error handling within the modem software. When a User Equipment (UE) connects to a rogue base station controlled…