  • Cybersecurity Vulnerabilities

    Urgent: Local Syndication WordPress Plugin Vulnerable to SSRF Attacks (CVE-2025-12962)

    Overview

    A critical security vulnerability, identified as CVE-2025-12962, has been discovered in the Local Syndication plugin for WordPress. This vulnerability allows authenticated attackers to perform Server-Side Request Forgery (SSRF) attacks. Specifically, all versions of the Local Syndication plugin up to and including version 1.5a are affected. This flaw stems from the plugin’s use of wp_remote_get() instead of the more secure wp_safe_remote_get() function when handling the url parameter within the [syndicate_local] shortcode.

    Technical Details

    The vulnerability resides in the way the Local Syndication plugin handles user-supplied URLs within the [syndicate_local] shortcode. The insecure use of wp_remote_get() allows authenticated users, with Contributor-level…

  • Cybersecurity Vulnerabilities

    CVE-2025-12961: Critical Security Flaw in Download Panel Plugin Exposes WordPress Sites

    Overview

    CVE-2025-12961 is a medium severity vulnerability affecting the Download Panel plugin for WordPress, versions up to and including 1.3.3. This flaw allows authenticated attackers with Subscriber-level access or higher to modify the plugin’s settings without proper authorization. Due to a missing capability check, malicious actors can manipulate display text, download links, button colors, and other visual customizations, potentially leading to phishing attacks or defacement of your website.

    Technical Details

    The vulnerability lies in the dlpn_save_settings() function, which is responsible for saving the Download Panel plugin’s settings. The issue arises because the wp_ajax_save_settings AJAX action, which triggers this function, lacks…

  • Cybersecurity Vulnerabilities

    ACF Flexible Layouts Manager Under Attack: Unauthenticated Data Modification Flaw (CVE-2025-12937)

    Overview

    CVE-2025-12937 is a medium-severity vulnerability affecting the ACF Flexible Layouts Manager plugin for WordPress. Specifically, versions up to and including 1.1.6 are susceptible to unauthorized modification of data due to a missing capability check on the acf_flm_update_template_with_pasted_layout function. This flaw allows unauthenticated attackers to update custom field values on individual posts and pages, potentially leading to site defacement, data breaches, or other malicious activities.

    Technical Details

    The vulnerability lies within the acf_flm_update_template_with_pasted_layout function, which is designed to handle the pasting of layout templates. The core issue is the absence of a capability check before executing the update operation. This…

  • Cybersecurity Vulnerabilities

    Urgent: Critical CSRF Vulnerability in Top Friends WordPress Plugin (CVE-2025-12827)

    Overview

    A critical Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Top Friends plugin for WordPress. Designated as CVE-2025-12827, this flaw affects all versions up to and including 0.3. It allows unauthenticated attackers to potentially modify the plugin’s settings if they can trick a site administrator into performing an action, such as clicking a malicious link.

    Technical Details

    The vulnerability stems from the absence of proper nonce validation within the top_friends_options_subpanel() function of the Top Friends plugin. Nonce validation is a crucial security mechanism that prevents CSRF attacks by ensuring that requests originate from the legitimate user interface…

  • Cybersecurity Vulnerabilities

    CVE-2025-12823: Critical XSS Vulnerability Plagues CSV to SortTable WordPress Plugin

    Overview

    CVE-2025-12823 identifies a stored Cross-Site Scripting (XSS) vulnerability found in the CSV to SortTable WordPress plugin. This vulnerability affects all versions up to and including 4.2. It allows authenticated attackers, with Contributor-level access or higher, to inject malicious JavaScript code into pages using the ‘csv’ shortcode. This code executes whenever a user visits the compromised page.

    Technical Details

    The vulnerability stems from insufficient input sanitization and output escaping within the plugin’s ‘csv’ shortcode functionality. Specifically, user-supplied attributes passed to the shortcode are not properly validated before being rendered into the HTML output. An attacker can inject arbitrary HTML and…

  • Cybersecurity Vulnerabilities

    Critical Security Alert: WP Dropzone Plugin Vulnerable to Arbitrary File Upload (CVE-2025-12775)

    Overview

    A high-severity vulnerability, identified as CVE-2025-12775, has been discovered in the WP Dropzone plugin for WordPress. This vulnerability allows authenticated users, with subscriber-level access and above, to upload arbitrary files to the affected server, potentially leading to remote code execution. This affects all versions up to, and including, 1.1.0 of the WP Dropzone plugin. Immediate action is recommended to mitigate this risk.

    Technical Details

    The vulnerability resides within the ajax_upload_handle function of the WP Dropzone plugin. Specifically, the chunked upload functionality writes files directly to the uploads directory before any file type validation is performed. This allows an attacker…

  • Cybersecurity Vulnerabilities

    CVE-2025-12528: Critical File Upload Vulnerability Plagues Pie Forms for WP Plugin

    Overview

    CVE-2025-12528 identifies a high-severity arbitrary file upload vulnerability found in the Pie Forms for WP plugin for WordPress. Affecting all versions up to and including 1.6, this vulnerability could allow unauthenticated attackers to upload malicious files, potentially leading to remote code execution (RCE) on the affected server. While exploiting this vulnerability requires some degree of predictability in the upload directory, the risk remains significant.

    Technical Details

    The vulnerability resides within the format_classic function of the plugin’s file upload handling mechanism. Specifically, the validate_classic method checks file extensions but does not adequately prevent the file upload process from proceeding even…

  • Cybersecurity Vulnerabilities

    CVE-2025-12411: Critical SQL Injection Flaw Plagues Premmerce Wholesale Pricing Plugin

    Published: 2025-11-18

    Overview

    CVE-2025-12411 is a high-severity SQL Injection vulnerability affecting the Premmerce Wholesale Pricing for WooCommerce plugin for WordPress, specifically versions up to and including 1.1.10. This vulnerability allows authenticated attackers with subscriber-level access or higher to execute arbitrary SQL queries, potentially leading to data breaches and website compromise. The vulnerability stems from insufficient input sanitization and inadequate SQL query preparation.

    Technical Details

    The vulnerability resides in the plugin’s handling of the ‘ID’ parameter within the admin-post.php script. Specifically, the premmerce_update_price_type action and the ‘price_type’ parameter of the “premmerce_delete_price_type” action are vulnerable. Lack of proper escaping of the ‘ID’…

  • Cybersecurity Vulnerabilities

    CVE-2025-12406: Project Honey Pot Spam Trap WordPress Plugin Vulnerable to CSRF

    Overview

    CVE-2025-12406 describes a Cross-Site Request Forgery (CSRF) vulnerability found in the Project Honey Pot Spam Trap plugin for WordPress. This vulnerability affects all versions of the plugin up to and including 1.0.1. Due to missing or insufficient nonce validation within the printAdminPage() function, an unauthenticated attacker can potentially manipulate the plugin’s settings and inject malicious web scripts. This requires tricking a site administrator into performing an action, such as clicking a malicious link.

    Technical Details

    The vulnerability stems from the lack of proper CSRF protection in the printAdminPage() function within the project_honey_pot.php file. Specifically, the code fails to validate…

  • Cybersecurity Vulnerabilities

    Urgent Security Alert: CSRF Vulnerability in Like-it WordPress Plugin (CVE-2025-12404)

    Overview

    A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Like-it WordPress plugin, tracked as CVE-2025-12404. This vulnerability affects all versions of the plugin up to and including version 2.2. Successful exploitation of this vulnerability allows unauthenticated attackers to modify plugin settings and inject malicious web scripts if they can trick an administrator into performing an unintended action, such as clicking a specially crafted link.

    Technical Details

    The vulnerability stems from missing or inadequate nonce validation in the likeit_conf() function. This function handles the plugin’s configuration settings. The absence of proper nonce verification means that an attacker can…