WordPress - CVE CyberSecurity Database News (Page 2)

Feb 28, 2025 XSS WordPress API Exploit

CVE-2025-1319 - WordPress Site Mailer Plugin Vulnerability: Stored Cross-Site Scripting in Email API Deliverability & Email Log

As per the recent security update, the Site Mailer – SMTP Replacement, Email API Deliverability & Email Log plugin for WordPress has been found to be

Feb 28, 2025 WordPress Exploit

CVE-2024-10860: A Warning to WordPress Users – Unauthorized Submission of Data in NextMove Lite – Thank You Page for WooCommerce Plugin

--- Are you using the NextMove Lite – Thank You Page for WooCommerce plugin for enhancing your WordPress website's customer experience? If so, you

Feb 27, 2025 XSS WordPress

CVE-2025-1450: Stored XSS Vulnerability in Floating Chat Widget for WordPress - Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty Plugin (up to Version 3.3.5)

A new vulnerability, identified as CVE-2025-1450, has been discovered in the Floating Chat Widget – Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call

Feb 26, 2025 WordPress API Exploit

CVE-2024-12434: SureMembers WordPress Plugin Sensitive Information Exposure Vulnerability via REST API

A Sensitive Information Exposure vulnerability has been discovered in the SureMembers plugin for WordPress, with the CVE-2024-12434 designation. This vulnerability exists in all versions up

Feb 25, 2025 WordPress Exploit

CVE-2025-1128: Critical Vulnerability in Everest Forms Plugin for WordPress Allows Arbitrary File Upload, Read, and Deletion

Everest Forms, a popular plugin for WordPress, is designed to allow users to easily create and manage various types of forms including contact forms, quizzes,