  • Cybersecurity Vulnerabilities

    Urgent: Critical File Upload Vulnerability in Blubrry PowerPress Plugin (CVE-2025-13536)

    Overview
    A high-severity vulnerability, identified as CVE-2025-13536, has been discovered in the Blubrry PowerPress plugin for WordPress. This flaw allows authenticated attackers with Contributor-level access or higher to upload arbitrary files to the server, potentially leading to remote code execution. This vulnerability affects all versions up to and including 11.15.2.

    Technical Details
    The vulnerability stems from insufficient file type validation within the ‘powerpress_edit_post’ function. While the plugin attempts to validate file extensions, it fails to halt execution when validation fails. This allows attackers to bypass security checks and upload malicious files. Specifically, the issue lies within the file upload handling…

  • Cybersecurity Vulnerabilities

    Critical Look: CVE-2025-13441 Exposes WooCommerce Plugin to Cache Flushing Attacks

    Overview
    CVE-2025-13441 is a medium severity vulnerability affecting the “Hide Category by User Role for WooCommerce” plugin for WordPress. This vulnerability allows unauthenticated attackers to flush the site’s object cache, potentially leading to performance degradation or other unintended consequences. The vulnerability exists in all versions up to and including 2.3.1.

    Technical Details
    The vulnerability stems from a missing authorization check on the admin_init hook within the plugin. Specifically, the wp_cache_flush() function is executed without verifying if the user has the necessary capabilities. This means that an unauthenticated attacker can craft a malicious request to trigger the admin_init hook, leading to…

  • Cybersecurity Vulnerabilities

    CVE-2025-13157: Unauthenticated Wishlist Manipulation in QODE Wishlist for WooCommerce

    Published: 2025-11-27T07:15:54.943

    Overview
    CVE-2025-13157 is a medium severity vulnerability affecting the QODE Wishlist for WooCommerce plugin for WordPress. This plugin, in versions up to and including 1.2.7, is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This flaw allows unauthenticated attackers to modify the publicly displayed information of arbitrary wishlists on a vulnerable WooCommerce store.

    Technical Details
    The vulnerability lies within the qode_wishlist_for_woocommerce_wishlist_table_item_callback function in the inc/wishlist/shortcodes/wishlist-table/helper-ajax.php file. The plugin fails to properly validate user-supplied input, specifically a user-controlled key, when updating wishlist items. This lack of validation enables attackers to directly reference and modify wishlist data without proper…

  • Cybersecurity Vulnerabilities

    WP Directory Kit Plugin XSS Vulnerability: Stay Protected (CVE-2025-13525)

    Overview
    CVE-2025-13525 is a security vulnerability affecting the WP Directory Kit plugin for WordPress. This vulnerability is classified as a Reflected Cross-Site Scripting (XSS) issue, allowing unauthenticated attackers to inject malicious scripts into web pages. Exploitation is possible by tricking a user into clicking a specially crafted link. The affected versions of the WP Directory Kit plugin are all versions up to, and including, 1.4.5. It’s crucial to update your plugin to a patched version to mitigate this risk.

    Technical Details
    The vulnerability resides in the way the WP Directory Kit plugin handles the order_by parameter. Specifically, the plugin fails…

  • Cybersecurity Vulnerabilities

    Heads Up! Critical CSRF Vulnerability Discovered in Opinion Stage WordPress Plugin (CVE-2025-13143)

    Overview
    A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-13143, has been discovered in the Poll, Survey & Quiz Maker Plugin by Opinion Stage for WordPress. This vulnerability affects all versions up to and including 19.12.0. It allows unauthenticated attackers to potentially disconnect a WordPress site from its Opinion Stage platform integration by tricking an administrator into clicking a malicious link or performing another action that unknowingly triggers a forged request.

    Technical Details
    The vulnerability stems from missing or insufficient nonce validation within the disconnect_account_action function of the plugin. Nonces are cryptographic tokens designed to protect against CSRF attacks. The…

  • Cybersecurity Vulnerabilities

    Urgent: Stored XSS Threat in StaffList Plugin for WordPress (CVE-2025-12185)

    Overview
    A stored Cross-Site Scripting (XSS) vulnerability has been identified in the StaffList plugin for WordPress, tracked as CVE-2025-12185. This vulnerability affects versions up to and including 3.2.6. An authenticated attacker with administrator-level permissions can inject malicious web scripts into the plugin’s settings. These scripts will execute when a user accesses a page where the injected content is displayed. This issue primarily affects multi-site installations and installations where the unfiltered_html capability has been disabled.

    Technical Details
    The StaffList plugin fails to properly sanitize user-supplied input within its admin settings. Consequently, when an administrator modifies settings (e.g., within the staff member…

  • Cybersecurity Vulnerabilities

    CVE-2025-12123: Unauthenticated XSS Threat in Customer Reviews Collector for WooCommerce

    Overview
    CVE-2025-12123 identifies a reflected Cross-Site Scripting (XSS) vulnerability affecting the Customer Reviews Collector for WooCommerce plugin for WordPress. This vulnerability exists in all versions up to and including 4.6.1. It allows unauthenticated attackers to inject arbitrary web scripts into pages if they can trick a user into clicking a malicious link.

    Technical Details
    The vulnerability lies in the insufficient input sanitization and output escaping of the email-text parameter. An attacker can craft a malicious URL containing JavaScript code within the email-text parameter. When a user clicks on this crafted link, the injected JavaScript will execute in the user’s browser,…

  • Cybersecurity Vulnerabilities

    CVE-2025-7820: Critical Payment Bypass Vulnerability Exposes WooCommerce Stores

    Overview
    CVE-2025-7820 is a high-severity vulnerability affecting the SKT PayPal for WooCommerce plugin for WordPress, versions up to and including 1.4. This vulnerability allows unauthenticated attackers to bypass payment processing and make confirmed purchases without actually paying, potentially leading to significant financial losses for store owners.

    Technical Details
    The vulnerability stems from the plugin’s reliance on client-side controls for payment processing. Instead of validating payments securely on the server side, the plugin incorrectly trusts data sent from the client (browser). An attacker can manipulate this client-side data to indicate that a payment has been successfully processed, even if no actual transaction…

  • Cybersecurity Vulnerabilities

    CVE-2025-3784: GX Works2 Vulnerability Exposes Credentials in Plaintext

    Overview
    CVE-2025-3784 describes a medium severity vulnerability affecting all versions of GX Works2, a software suite used for programming Mitsubishi Electric programmable logic controllers (PLCs). The vulnerability stems from the cleartext storage of sensitive information, specifically user credentials, within project files. This allows an attacker to potentially extract these credentials and gain unauthorized access to protected project files, leading to the modification or theft of sensitive data.

    Technical Details
    The core issue lies in how GX Works2 stores authentication credentials. Instead of employing encryption or hashing techniques, the software saves these credentials in plaintext within project files. An attacker who…

  • Cybersecurity Vulnerabilities

    Tiger by the Tail: Critical Privilege Escalation Vulnerability in WordPress Theme (CVE-2025-13680)

    Overview
    A high-severity vulnerability, identified as CVE-2025-13680, has been discovered in the Tiger theme for WordPress. This vulnerability allows authenticated attackers with Subscriber-level access (or higher) to escalate their privileges to that of an administrator. This poses a significant risk to websites using the affected theme.

    Technical Details
    The vulnerability stems from the improper use of the $user->set_role() function within the Tiger theme. The theme allows users to directly update their user role through this function without proper authorization checks. Consequently, an attacker can manipulate the system to change their role to ‘administrator’, gaining complete control over the WordPress website.…