Search criteria
89 vulnerabilities by Themeisle
CVE-2025-11467 (GCVE-0-2025-11467)
Vulnerability from cvelistv5 – Published: 2025-12-11 01:55 – Updated: 2025-12-11 15:34
VLAI?
Summary
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 5.1.1 via the feedzy_lazy_load function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity ?
5.8 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator |
Affected:
* , ≤ 5.1.1
(semver)
|
Credits
Lucas Montes
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T15:34:23.524101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T15:34:28.633Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "5.1.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucas Montes"
}
],
"descriptions": [
{
"lang": "en",
"value": "The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 5.1.1 via the feedzy_lazy_load function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T01:55:32.407Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5754dce7-6b47-4490-a04a-7eabfded0720?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/tags/5.1.0/includes/abstract/feedzy-rss-feeds-admin-abstract.php#L551"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-02T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-10-07T21:09:10.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-10T12:23:54.000+00:00",
"value": "Disclosed"
}
],
"title": "RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator \u003c= 5.1.1 - Unauthenticated Blind Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11467",
"datePublished": "2025-12-11T01:55:32.407Z",
"dateReserved": "2025-10-07T20:51:21.871Z",
"dateUpdated": "2025-12-11T15:34:28.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12483 (GCVE-0-2025-12483)
Vulnerability from cvelistv5 – Published: 2025-12-02 06:40 – Updated: 2025-12-02 06:40
VLAI?
Summary
The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'query' parameter in all versions up to, and including, 3.11.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Version 3.11.13 raises the minimum user-level for exploitation to administrator. 3.11.14 fully patches the vulnerability.
Severity ?
6.5 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Visualizer: Tables and Charts Manager for WordPress |
Affected:
* , ≤ 3.11.12
(semver)
|
Credits
Rafshanzani Suhada
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Visualizer: Tables and Charts Manager for WordPress",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.11.12",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rafshanzani Suhada"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the \u0027query\u0027 parameter in all versions up to, and including, 3.11.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Version 3.11.13 raises the minimum user-level for exploitation to administrator. 3.11.14 fully patches the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T06:40:25.668Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94392c66-6e50-48bb-93cb-9aa9d0229761?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/visualizer/tags/3.11.12/classes/Visualizer/Gutenberg/Block.php#L499"
},
{
"url": "https://plugins.trac.wordpress.org/browser/visualizer/tags/3.11.12/classes/Visualizer/Source/Query.php#L173"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3405160%40visualizer%2Ftrunk\u0026old=3355840%40visualizer%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-29T18:21:25.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-01T17:52:15.000+00:00",
"value": "Disclosed"
}
],
"title": "Visualizer: Tables and Charts Manager for WordPress \u003c= 3.11.12 - Authenticated (Contributor+) SQL Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12483",
"datePublished": "2025-12-02T06:40:25.668Z",
"dateReserved": "2025-10-29T18:05:54.435Z",
"dateUpdated": "2025-12-02T06:40:25.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66069 (GCVE-0-2025-66069)
Vulnerability from cvelistv5 – Published: 2025-11-21 12:29 – Updated: 2025-11-21 16:40
VLAI?
Summary
Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPOM for WooCommerce: from n/a through <= 33.0.16.
Severity ?
4.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | PPOM for WooCommerce |
Affected:
n/a , ≤ <= 33.0.16
(custom)
|
Credits
Legion Hunter | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-66069",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T16:40:15.058297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T16:40:54.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-product-addon",
"product": "PPOM for WooCommerce",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "33.0.17",
"status": "unaffected"
}
],
"lessThanOrEqual": "\u003c= 33.0.16",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Legion Hunter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2025-11-21T13:27:34.768Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Control Security Levels.\u003cp\u003eThis issue affects PPOM for WooCommerce: from n/a through \u003c= 33.0.16.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPOM for WooCommerce: from n/a through \u003c= 33.0.16."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T12:29:56.025Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/woocommerce-product-addon/vulnerability/wordpress-ppom-for-woocommerce-plugin-33-0-16-broken-access-control-vulnerability?_s_id=cve"
}
],
"title": "WordPress PPOM for WooCommerce plugin \u003c= 33.0.16 - Broken Access Control vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-66069",
"datePublished": "2025-11-21T12:29:56.025Z",
"dateReserved": "2025-11-21T11:20:46.955Z",
"dateUpdated": "2025-11-21T16:40:54.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12045 (GCVE-0-2025-12045)
Vulnerability from cvelistv5 – Published: 2025-11-04 11:19 – Updated: 2025-11-04 18:53
VLAI?
Summary
The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More |
Affected:
* , ≤ 3.0.2
(semver)
|
Credits
Dmitrii Ignatyev
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12045",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-04T18:53:18.230614Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-04T18:53:30.602Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts \u0026 More",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts \u0026 More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag \u0027name\u0027 parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-04T11:19:27.966Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/139a264b-082b-45db-ac9e-4974bf86c56f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/elementor-extra-widgets/widgets/elementor/posts-grid.php#L1912"
},
{
"url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/elementor-extra-widgets/widgets/elementor/posts-grid.php#L1878"
},
{
"url": "https://research.cleantalk.org/cve-2025-12045/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3388856/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-21T19:56:59.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-03T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Orbit Fox Companion \u003c= 3.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Taxonomy"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12045",
"datePublished": "2025-11-04T11:19:27.966Z",
"dateReserved": "2025-10-21T19:37:36.665Z",
"dateUpdated": "2025-11-04T18:53:30.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10145 (GCVE-0-2025-10145)
Vulnerability from cvelistv5 – Published: 2025-10-28 05:27 – Updated: 2025-10-28 20:04
VLAI?
Summary
The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the upload_to_library function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. On Cloud instances, this issue allows for metadata retrieval.
Severity ?
7.7 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Auto Featured Image (Auto Post Thumbnail) |
Affected:
* , ≤ 4.1.7
(semver)
|
Credits
Jonas Benjamin Friedli
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-28T20:03:52.985743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-28T20:04:08.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Auto Featured Image (Auto Post Thumbnail)",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the upload_to_library function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. On Cloud instances, this issue allows for metadata retrieval."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-28T05:27:29.647Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93acfae6-470b-4637-b76b-e1162b80253f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/auto-post-thumbnail/tags/4.1.7/includes/class-apt.php#L821"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-25T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-10-17T15:19:45.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-27T16:26:51.000+00:00",
"value": "Disclosed"
}
],
"title": "Auto Featured Image (Auto Post Thumbnail) \u003c= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10145",
"datePublished": "2025-10-28T05:27:29.647Z",
"dateReserved": "2025-09-08T21:57:57.014Z",
"dateUpdated": "2025-10-28T20:04:08.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9322 (GCVE-0-2025-9322)
Vulnerability from cvelistv5 – Published: 2025-10-25 06:49 – Updated: 2025-10-27 15:44
VLAI?
Summary
The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions plugin for WordPress is vulnerable to SQL Injection via the 'wpfs-form-name' parameter in all versions up to, and including, 8.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity ?
7.5 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions |
Affected:
* , ≤ 8.3.1
(semver)
|
Credits
Michael Mazzolini
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:44:15.155761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:44:23.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Stripe Payment Forms by WP Full Pay \u2013 Accept Credit Card Payments, Donations \u0026 Subscriptions",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "8.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Mazzolini"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Stripe Payment Forms by WP Full Pay \u2013 Accept Credit Card Payments, Donations \u0026 Subscriptions plugin for WordPress is vulnerable to SQL Injection via the \u0027wpfs-form-name\u0027 parameter in all versions up to, and including, 8.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-25T06:49:23.256Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/886b612a-d0d1-4880-b423-eb62410a28cd?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3378785%40wp-full-stripe-free\u0026new=3378785%40wp-full-stripe-free\u0026sfp_email=\u0026sfph_mail=#file6"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-26T20:26:17.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-24T18:16:58.000+00:00",
"value": "Disclosed"
}
],
"title": "Stripe Payment Forms \u003c= 8.3.1 - Unauthenticated SQL Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9322",
"datePublished": "2025-10-25T06:49:23.256Z",
"dateReserved": "2025-08-21T19:32:17.388Z",
"dateUpdated": "2025-10-27T15:44:23.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11128 (GCVE-0-2025-11128)
Vulnerability from cvelistv5 – Published: 2025-10-23 12:32 – Updated: 2025-10-23 13:39
VLAI?
Summary
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.1.0 via the 'feedzy_sanitize_feeds' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query information from internal services.
Severity ?
5 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator |
Affected:
* , ≤ 5.1.0
(semver)
|
Credits
Lucas Montes
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T13:38:55.005647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T13:39:12.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "5.1.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucas Montes"
}
],
"descriptions": [
{
"lang": "en",
"value": "The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.1.0 via the \u0027feedzy_sanitize_feeds\u0027 function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T12:32:32.611Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c33ec58f-3e83-425a-9f0f-5e529be15e05?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/trunk/includes/gutenberg/feedzy-rss-feeds-gutenberg-block.php#L280"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/trunk/includes/gutenberg/feedzy-rss-feeds-gutenberg-block.php#L309"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/trunk/includes/gutenberg/feedzy-rss-feeds-gutenberg-block.php#L336"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/trunk/includes/gutenberg/feedzy-rss-feeds-gutenberg-block.php#L399"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3378828/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-27T22:08:01.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-22T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Feedzy RSS Feeds Lite \u003c= 5.1.0 - Authenticated (Subscriber+) Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11128",
"datePublished": "2025-10-23T12:32:32.611Z",
"dateReserved": "2025-09-27T21:52:08.932Z",
"dateUpdated": "2025-10-23T13:39:12.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11691 (GCVE-0-2025-11691)
Vulnerability from cvelistv5 – Published: 2025-10-18 06:42 – Updated: 2025-10-20 17:59
VLAI?
Summary
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the PPOM_Meta::get_fields_by_id() function in all versions up to, and including, 33.0.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This is only exploitable when the Enable Legacy Price Calculations setting is enabled.
Severity ?
7.5 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | PPOM – Product Addons & Custom Fields for WooCommerce |
Affected:
* , ≤ 33.0.15
(semver)
|
Credits
Talal Nasraddeen
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11691",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T17:56:07.756295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T17:59:48.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PPOM \u2013 Product Addons \u0026 Custom Fields for WooCommerce",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "33.0.15",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Talal Nasraddeen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PPOM \u2013 Product Addons \u0026 Custom Fields for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the PPOM_Meta::get_fields_by_id() function in all versions up to, and including, 33.0.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This is only exploitable when the Enable Legacy Price Calculations setting is enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-18T06:42:49.184Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eefcc290-b7f7-4cf0-9ccc-db4c883d6426?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-product-addon/trunk/classes/ppom.class.php#L337"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3379431%40woocommerce-product-addon\u0026new=3379431%40woocommerce-product-addon\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-14T17:24:49.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-17T18:11:36.000+00:00",
"value": "Disclosed"
}
],
"title": "PPOM \u2013 Product Addons \u0026 Custom Fields for WooCommerce \u003c= 33.0.15 - Unauthenticated SQL Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11691",
"datePublished": "2025-10-18T06:42:49.184Z",
"dateReserved": "2025-10-13T15:24:04.178Z",
"dateUpdated": "2025-10-20T17:59:48.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11391 (GCVE-0-2025-11391)
Vulnerability from cvelistv5 – Published: 2025-10-18 06:42 – Updated: 2025-10-20 18:30
VLAI?
Summary
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. While the vulnerable code is in the free version, this only affected users with the paid version of the software installed and activated.
Severity ?
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | PPOM – Product Addons & Custom Fields for WooCommerce |
Affected:
* , ≤ 33.0.15
(semver)
|
Credits
Talal Nasraddeen
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T18:30:31.634936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T18:30:53.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PPOM \u2013 Product Addons \u0026 Custom Fields for WooCommerce",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "33.0.15",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Talal Nasraddeen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PPOM \u2013 Product Addons \u0026 Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible. While the vulnerable code is in the free version, this only affected users with the paid version of the software installed and activated."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-18T06:42:48.390Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cf851bed-f5d8-44e2-810d-906ba3d3c1c5?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-product-addon/trunk/inc/hooks.php#L45"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3379431%40woocommerce-product-addon\u0026new=3379431%40woocommerce-product-addon\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-06T20:07:14.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-17T18:09:32.000+00:00",
"value": "Disclosed"
}
],
"title": "PPOM \u2013 Product Addons \u0026 Custom Fields for WooCommerce \u003c= 33.0.15 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11391",
"datePublished": "2025-10-18T06:42:48.390Z",
"dateReserved": "2025-10-06T20:04:27.764Z",
"dateUpdated": "2025-10-20T18:30:53.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9562 (GCVE-0-2025-9562)
Vulnerability from cvelistv5 – Published: 2025-10-18 06:42 – Updated: 2025-10-27 16:13
VLAI?
Summary
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's qs_date shortcode in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Redirection for Contact Form 7 |
Affected:
* , ≤ 3.2.6
(semver)
|
Credits
Muhammad Yudha - DJ
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T18:34:21.658144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T16:13:26.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Redirection for Contact Form 7",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.2.6",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Yudha - DJ"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Redirection for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s qs_date shortcode in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-18T06:42:46.555Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a801bb0-a7fc-42c3-b26f-3f7cdb592bea?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpcf7-redirect/tags/3.2.5/wpcf7r-functions.php#L558"
},
{
"url": "https://wordpress.org/plugins/wpcf7-redirect/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3378810%40wpcf7-redirect\u0026new=3378810%40wpcf7-redirect\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-26T20:26:17.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-17T17:48:32.000+00:00",
"value": "Disclosed"
}
],
"title": "Redirection for Contact Form 7 \u003c= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via qs_date Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9562",
"datePublished": "2025-10-18T06:42:46.555Z",
"dateReserved": "2025-08-27T21:14:05.609Z",
"dateUpdated": "2025-10-27T16:13:26.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58789 (GCVE-0-2025-58789)
Vulnerability from cvelistv5 – Published: 2025-09-05 13:44 – Updated: 2025-09-08 16:43
VLAI?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle WP Full Stripe Free allows SQL Injection. This issue affects WP Full Stripe Free: from n/a through 8.3.0.
Severity ?
7.6 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | WP Full Stripe Free |
Affected:
n/a , ≤ 8.3.0
(custom)
|
Credits
Que Thanh Tuan - Blue Rock (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T16:42:48.793593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T16:43:02.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-full-stripe-free",
"product": "WP Full Stripe Free",
"vendor": "Themeisle",
"versions": [
{
"lessThanOrEqual": "8.3.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Que Thanh Tuan - Blue Rock (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Themeisle WP Full Stripe Free allows SQL Injection.\u003c/p\u003e\u003cp\u003eThis issue affects WP Full Stripe Free: from n/a through 8.3.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Themeisle WP Full Stripe Free allows SQL Injection. This issue affects WP Full Stripe Free: from n/a through 8.3.0."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T13:44:58.497Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wp-full-stripe-free/vulnerability/wordpress-wp-full-stripe-free-plugin-8-3-0-sql-injection-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WP Full Stripe Free Plugin \u003c= 8.3.0 - SQL Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58789",
"datePublished": "2025-09-05T13:44:58.497Z",
"dateReserved": "2025-09-05T10:48:52.285Z",
"dateUpdated": "2025-09-08T16:43:02.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58593 (GCVE-0-2025-58593)
Vulnerability from cvelistv5 – Published: 2025-09-03 14:36 – Updated: 2025-09-03 17:51
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS. This issue affects Orbit Fox by ThemeIsle: from n/a through 3.0.0.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | Orbit Fox by ThemeIsle |
Affected:
n/a , ≤ 3.0.0
(custom)
|
Credits
Michael (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58593",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:39:29.458801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:51:58.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "themeisle-companion",
"product": "Orbit Fox by ThemeIsle",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "3.0.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Michael (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.\u003c/p\u003e\u003cp\u003eThis issue affects Orbit Fox by ThemeIsle: from n/a through 3.0.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS. This issue affects Orbit Fox by ThemeIsle: from n/a through 3.0.0."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:36:36.291Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/themeisle-companion/vulnerability/wordpress-orbit-fox-by-themeisle-plugin-3-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Orbit Fox by ThemeIsle plugin to the latest available version (at least 3.0.1)."
}
],
"value": "Update the WordPress Orbit Fox by ThemeIsle plugin to the latest available version (at least 3.0.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Orbit Fox by ThemeIsle Plugin \u003c= 3.0.0 - Cross Site Scripting (XSS) Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58593",
"datePublished": "2025-09-03T14:36:36.291Z",
"dateReserved": "2025-09-03T09:02:27.115Z",
"dateUpdated": "2025-09-03T17:51:58.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-55715 (GCVE-0-2025-55715)
Vulnerability from cvelistv5 – Published: 2025-08-20 08:02 – Updated: 2025-08-20 17:19
VLAI?
Summary
Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block allows Retrieve Embedded Sensitive Data. This issue affects Otter - Gutenberg Block: from n/a through 3.1.0.
Severity ?
7.5 (High)
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | Otter - Gutenberg Block |
Affected:
n/a , ≤ 3.1.0
(custom)
|
Credits
Abu Hurayra (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T17:17:54.582475Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T17:19:02.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "otter-blocks",
"product": "Otter - Gutenberg Block",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "3.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.1.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abu Hurayra (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eInsertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block allows Retrieve Embedded Sensitive Data.\u003c/p\u003e\u003cp\u003eThis issue affects Otter - Gutenberg Block: from n/a through 3.1.0.\u003c/p\u003e"
}
],
"value": "Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block allows Retrieve Embedded Sensitive Data. This issue affects Otter - Gutenberg Block: from n/a through 3.1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T08:02:49.588Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/otter-blocks/vulnerability/wordpress-otter-gutenberg-block-plugin-3-1-0-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Otter - Gutenberg Block plugin to the latest available version (at least 3.1.1)."
}
],
"value": "Update the WordPress Otter - Gutenberg Block plugin to the latest available version (at least 3.1.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Otter - Gutenberg Block Plugin \u003c= 3.1.0 - Sensitive Data Exposure Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-55715",
"datePublished": "2025-08-20T08:02:49.588Z",
"dateReserved": "2025-08-14T09:10:30.443Z",
"dateUpdated": "2025-08-20T17:19:02.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8141 (GCVE-0-2025-8141)
Vulnerability from cvelistv5 – Published: 2025-08-20 01:44 – Updated: 2025-08-20 15:15
VLAI?
Summary
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_associated_files function in all versions up to, and including, 3.2.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity ?
8.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Redirection for Contact Form 7 |
Affected:
* , ≤ 3.2.4
(semver)
|
Credits
Nguyen Tan Phat
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T13:56:55.523929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T15:15:16.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Redirection for Contact Form 7",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Tan Phat"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_associated_files function in all versions up to, and including, 3.2.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T01:44:36.793Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fafd0159-25ab-430d-88ef-c4d09d23baa7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpcf7-redirect/tags/3.2.3/classes/class-wpcf7r-save-files.php#L80"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-05T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-08-19T12:31:46.000+00:00",
"value": "Disclosed"
}
],
"title": "Redirection for Contact Form 7 \u003c= 3.2.4 - Unauthenticated Arbitrary File Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8141",
"datePublished": "2025-08-20T01:44:36.793Z",
"dateReserved": "2025-07-24T16:21:17.311Z",
"dateUpdated": "2025-08-20T15:15:16.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8289 (GCVE-0-2025-8289)
Vulnerability from cvelistv5 – Published: 2025-08-20 01:44 – Updated: 2025-08-20 15:15
VLAI?
Summary
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the delete_associated_files function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may be exploited by unauthenticated attackers when a form is present on the site with a file upload action, and doesn't affect sites with PHP version > 8. This vulnerability also requires the 'Redirection For Contact Form 7 Extension - Create Post' extension to be installed and activated in order to be exploited. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. We confirmed there is a usable gadget in Contact Form 7 plugin that makes arbitrary file deletion possible when installed with this plugin. Given Contact Form 7 is a requirement of this plugin, it is likely that any site with this plugin and the 'Redirection For Contact Form 7 Extension - Create Post' extension enabled is vulnerable to arbitrary file deletion.
Severity ?
7.5 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Redirection for Contact Form 7 |
Affected:
* , ≤ 3.2.4
(semver)
|
Credits
Nguyen Tan Phat
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T13:57:07.181770Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T15:15:22.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Redirection for Contact Form 7",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Tan Phat"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the delete_associated_files function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may be exploited by unauthenticated attackers when a form is present on the site with a file upload action, and doesn\u0027t affect sites with PHP version \u003e 8. This vulnerability also requires the \u0027Redirection For Contact Form 7 Extension - Create Post\u0027 extension to be installed and activated in order to be exploited. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. We confirmed there is a usable gadget in Contact Form 7 plugin that makes arbitrary file deletion possible when installed with this plugin. Given Contact Form 7 is a requirement of this plugin, it is likely that any site with this plugin and the \u0027Redirection For Contact Form 7 Extension - Create Post\u0027 extension enabled is vulnerable to arbitrary file deletion."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T01:44:36.231Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7909b75-8087-4d38-8325-c619bf84d997?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpcf7-redirect/tags/3.2.4/classes/class-wpcf7r-save-files.php#L80"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-05T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-08-19T12:30:22.000+00:00",
"value": "Disclosed"
}
],
"title": "Redirection for Contact Form 7 \u003c= 3.2.4 - Unauthenticated PHP Object Injection via PHAR Deserialization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8289",
"datePublished": "2025-08-20T01:44:36.231Z",
"dateReserved": "2025-07-28T20:44:04.810Z",
"dateUpdated": "2025-08-20T15:15:22.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8145 (GCVE-0-2025-8145)
Vulnerability from cvelistv5 – Published: 2025-08-20 01:44 – Updated: 2025-08-20 15:15
VLAI?
Summary
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the get_lead_fields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in a Contact Form 7 plugin allows attackers to delete arbitrary files. Additionally, in certain server configurations, Remote Code Execution is possible
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Redirection for Contact Form 7 |
Affected:
* , ≤ 3.2.4
(semver)
|
Credits
Nguyen Tan Phat
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T13:57:19.529039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T15:15:28.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Redirection for Contact Form 7",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Tan Phat"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the get_lead_fields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in a Contact Form 7 plugin allows attackers to delete arbitrary files. Additionally, in certain server configurations, Remote Code Execution is possible"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T01:44:35.663Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2cb275d5-ec4b-419f-84e1-84172d381411?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpcf7-redirect/tags/3.2.3/classes/class-wpcf7r-lead.php#L144"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-05T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-08-19T12:29:47.000+00:00",
"value": "Disclosed"
}
],
"title": "Redirection for Contact Form 7 \u003c= 3.2.4 - Unauthenticated PHP Object Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8145",
"datePublished": "2025-08-20T01:44:35.663Z",
"dateReserved": "2025-07-24T19:08:42.997Z",
"dateUpdated": "2025-08-20T15:15:28.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53986 (GCVE-0-2025-53986)
Vulnerability from cvelistv5 – Published: 2025-07-16 10:36 – Updated: 2025-07-16 14:39
VLAI?
Summary
Missing Authorization vulnerability in ThemeIsle Hestia allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Hestia: from n/a through 3.2.10.
Severity ?
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Martino Spagnuolo (r3verii) (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53986",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T13:32:47.369900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T14:39:34.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/themes",
"defaultStatus": "unaffected",
"packageName": "hestia",
"product": "Hestia",
"vendor": "ThemeIsle",
"versions": [
{
"changes": [
{
"at": "3.2.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.10",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Martino Spagnuolo (r3verii) (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in ThemeIsle Hestia allows Accessing Functionality Not Properly Constrained by ACLs.\u003c/p\u003e\u003cp\u003eThis issue affects Hestia: from n/a through 3.2.10.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in ThemeIsle Hestia allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Hestia: from n/a through 3.2.10."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T10:36:11.412Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/theme/hestia/vulnerability/wordpress-hestia-theme-3-2-10-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Hestia theme to the latest available version (at least 3.2.11)."
}
],
"value": "Update the WordPress Hestia theme to the latest available version (at least 3.2.11)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Hestia theme \u003c= 3.2.10 - Broken Access Control Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-53986",
"datePublished": "2025-07-16T10:36:11.412Z",
"dateReserved": "2025-07-16T08:51:03.831Z",
"dateUpdated": "2025-07-16T14:39:34.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22659 (GCVE-0-2025-22659)
Vulnerability from cvelistv5 – Published: 2025-03-27 15:01 – Updated: 2025-03-27 18:17
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through 2.10.44.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | Orbit Fox by ThemeIsle |
Affected:
n/a , ≤ 2.10.44
(custom)
|
Credits
Prissy (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T18:17:16.330151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T18:17:19.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "themeisle-companion",
"product": "Orbit Fox by ThemeIsle",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "2.10.45",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.10.44",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Prissy (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.\u003cp\u003eThis issue affects Orbit Fox by ThemeIsle: from n/a through 2.10.44.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through 2.10.44."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:01:50.207Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/themeisle-companion/vulnerability/wordpress-orbit-fox-by-themeisle-plugin-2-10-44-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Orbit Fox by ThemeIsle wordpress plugin to the latest available version (at least 2.10.45)."
}
],
"value": "Update the WordPress Orbit Fox by ThemeIsle wordpress plugin to the latest available version (at least 2.10.45)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "WordPress Orbit Fox by ThemeIsle plugin \u003c= 2.10.44 - Cross Site Scripting (XSS) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-22659",
"datePublished": "2025-03-27T15:01:50.207Z",
"dateReserved": "2025-01-07T21:02:51.800Z",
"dateUpdated": "2025-03-27T18:17:19.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1065 (GCVE-0-2025-1065)
Vulnerability from cvelistv5 – Published: 2025-02-19 05:22 – Updated: 2025-02-19 14:56
VLAI?
Summary
The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Import Data From File feature in all versions up to, and including, 3.11.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Visualizer: Tables and Charts Manager for WordPress |
Affected:
* , ≤ 3.11.8
(semver)
|
Credits
Craig Smith
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T14:55:12.631233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T14:56:01.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Visualizer: Tables and Charts Manager for WordPress",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.11.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s Import Data From File feature in all versions up to, and including, 3.11.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T05:22:52.516Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17c1de7b-5178-4fbe-a515-169de4323ae7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3240066/visualizer"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-05T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-02-18T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Visualizer: Tables and Charts Manager for WordPress \u003c= 3.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Import Data From File"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1065",
"datePublished": "2025-02-19T05:22:52.516Z",
"dateReserved": "2025-02-05T18:14:04.973Z",
"dateUpdated": "2025-02-19T14:56:01.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10705 (GCVE-0-2024-10705)
Vulnerability from cvelistv5 – Published: 2025-01-26 06:41 – Updated: 2025-01-27 15:32
VLAI?
Summary
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity ?
5.4 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Multiple Page Generator Plugin – MPG |
Affected:
* , ≤ 4.0.5
(semver)
|
Credits
Arkadiusz Hydzik
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T15:32:33.997967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T15:32:39.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Multiple Page Generator Plugin \u2013 MPG",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "4.0.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Multiple Page Generator Plugin \u2013 MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the \u0027mpg_download_file_by_link\u0027 function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-26T06:41:21.568Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7b3446e5-ca01-4468-927a-86e951e662ab?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3205550/multiple-pages-generator-by-porthas"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-01T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-01-25T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Multiple Page Generator Plugin \u2013 MPG \u003c= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10705",
"datePublished": "2025-01-26T06:41:21.568Z",
"dateReserved": "2024-11-01T18:03:29.514Z",
"dateUpdated": "2025-01-27T15:32:39.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24666 (GCVE-0-2025-24666)
Vulnerability from cvelistv5 – Published: 2025-01-24 17:24 – Updated: 2025-01-24 18:56
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeIsle AI Chatbot for WordPress – Hyve Lite allows Stored XSS. This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through 1.2.2.
Severity ?
5.9 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ThemeIsle | AI Chatbot for WordPress – Hyve Lite |
Affected:
n/a , ≤ 1.2.2
(custom)
|
Credits
Caesar Evan Santoso (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24666",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T18:46:02.751963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T18:56:26.036Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "hyve-lite",
"product": "AI Chatbot for WordPress \u2013 Hyve Lite",
"vendor": "ThemeIsle",
"versions": [
{
"changes": [
{
"at": "1.2.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.2.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Caesar Evan Santoso (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in ThemeIsle AI Chatbot for WordPress \u2013 Hyve Lite allows Stored XSS.\u003c/p\u003e\u003cp\u003eThis issue affects AI Chatbot for WordPress \u2013 Hyve Lite: from n/a through 1.2.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in ThemeIsle AI Chatbot for WordPress \u2013 Hyve Lite allows Stored XSS. This issue affects AI Chatbot for WordPress \u2013 Hyve Lite: from n/a through 1.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T17:24:50.523Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/hyve-lite/vulnerability/wordpress-hyve-lite-plugin-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress AI Chatbot for WordPress \u2013 Hyve Lite wordpress plugin to the latest available version (at least 1.2.3)."
}
],
"value": "Update the WordPress AI Chatbot for WordPress \u2013 Hyve Lite wordpress plugin to the latest available version (at least 1.2.3)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Hyve Lite plugin \u003c= 1.2.2 - Cross Site Scripting (XSS) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-24666",
"datePublished": "2025-01-24T17:24:50.523Z",
"dateReserved": "2025-01-23T14:51:57.435Z",
"dateUpdated": "2025-01-24T18:56:26.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24668 (GCVE-0-2025-24668)
Vulnerability from cvelistv5 – Published: 2025-01-24 17:24 – Updated: 2025-01-24 18:57
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce allows Stored XSS. This issue affects PPOM for WooCommerce: from n/a through 33.0.8.
Severity ?
5.9 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | PPOM for WooCommerce |
Affected:
n/a , ≤ 33.0.8
(custom)
|
Credits
savphill (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24668",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T18:46:20.368789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T18:57:12.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-product-addon",
"product": "PPOM for WooCommerce",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "33.0.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "33.0.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "savphill (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Themeisle PPOM for WooCommerce allows Stored XSS.\u003c/p\u003e\u003cp\u003eThis issue affects PPOM for WooCommerce: from n/a through 33.0.8.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Themeisle PPOM for WooCommerce allows Stored XSS. This issue affects PPOM for WooCommerce: from n/a through 33.0.8."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T17:24:45.470Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/woocommerce-product-addon/vulnerability/wordpress-ppom-for-woocommerce-plugin-33-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress PPOM for WooCommerce wordpress plugin to the latest available version (at least 33.0.9)."
}
],
"value": "Update the WordPress PPOM for WooCommerce wordpress plugin to the latest available version (at least 33.0.9)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress PPOM for WooCommerce plugin \u003c= 33.0.8 - Cross Site Scripting (XSS) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-24668",
"datePublished": "2025-01-24T17:24:45.470Z",
"dateReserved": "2025-01-23T14:51:57.435Z",
"dateUpdated": "2025-01-24T18:57:12.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13183 (GCVE-0-2024-13183)
Vulnerability from cvelistv5 – Published: 2025-01-10 07:21 – Updated: 2025-01-10 14:50
VLAI?
Summary
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Orbit Fox by ThemeIsle |
Affected:
* , ≤ 2.10.43
(semver)
|
Credits
Ankit Patel
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T14:50:42.542302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T14:50:49.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Orbit Fox by ThemeIsle",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "2.10.43",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ankit Patel"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018title_tag\u2019 parameter in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T07:21:46.542Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0f6be2b-5eb6-4828-ae95-7f2253700ee9?source=cve"
},
{
"url": "https://wordpress.org/plugins/themeisle-companion/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/elementor-extra-widgets/widgets/elementor/pricing-table.php#L118"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3219568/"
},
{
"url": "https://github.com/Codeinwp/themeisle-companion/commit/47a17c86934cebbfc3f1a812f1afcaa20515c1f7"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-09T18:53:22.000+00:00",
"value": "Disclosed"
}
],
"title": "Orbit Fox by ThemeIsle \u003c= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13183",
"datePublished": "2025-01-10T07:21:46.542Z",
"dateReserved": "2025-01-07T22:36:17.754Z",
"dateUpdated": "2025-01-10T14:50:49.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0311 (GCVE-0-2025-0311)
Vulnerability from cvelistv5 – Published: 2025-01-10 06:43 – Updated: 2025-01-10 14:51
VLAI?
Summary
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Orbit Fox by ThemeIsle |
Affected:
* , ≤ 2.10.43
(semver)
|
Credits
Craig Smith
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T14:50:58.800230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T14:51:18.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Orbit Fox by ThemeIsle",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "2.10.43",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s Pricing Table widget in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T06:43:16.199Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d17a3a0-3c09-4d67-96d6-d97bde92f100?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/elementor-extra-widgets/widgets/elementor/pricing-table.php#L1024"
},
{
"url": "https://wordpress.org/plugins/themeisle-companion/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3219568/"
},
{
"url": "https://github.com/Codeinwp/themeisle-companion/commit/47a17c86934cebbfc3f1a812f1afcaa20515c1f7"
},
{
"url": "https://github.com/Codeinwp/themeisle-companion/commit/c311050b372cf38e82d8ec9deadf4f21a8931487"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-09T18:25:20.000+00:00",
"value": "Disclosed"
}
],
"title": "Orbit Fox by ThemeIsle \u003c= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0311",
"datePublished": "2025-01-10T06:43:16.199Z",
"dateReserved": "2025-01-07T17:51:38.622Z",
"dateUpdated": "2025-01-10T14:51:18.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37467 (GCVE-0-2024-37467)
Vulnerability from cvelistv5 – Published: 2025-01-02 12:00 – Updated: 2025-01-03 18:58
VLAI?
Summary
Cross-Site Request Forgery (CSRF) vulnerability in ThemeIsle Hestia allows Cross Site Request Forgery.This issue affects Hestia: from n/a through 3.1.2.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Dhabaleshwar Das (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T17:34:58.883076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T18:58:39.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/themes",
"defaultStatus": "unaffected",
"packageName": "hestia",
"product": "Hestia",
"vendor": "ThemeIsle",
"versions": [
{
"changes": [
{
"at": "3.1.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dhabaleshwar Das (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCross-Site Request Forgery (CSRF) vulnerability in ThemeIsle Hestia allows Cross Site Request Forgery.\u003c/p\u003e\u003cp\u003eThis issue affects Hestia: from n/a through 3.1.2.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in ThemeIsle Hestia allows Cross Site Request Forgery.This issue affects Hestia: from n/a through 3.1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T12:00:54.403Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/theme/hestia/vulnerability/wordpress-hestia-theme-3-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Hestia theme to the latest available version (at least 3.1.3)."
}
],
"value": "Update the WordPress Hestia theme to the latest available version (at least 3.1.3)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Hestia theme \u003c= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37467",
"datePublished": "2025-01-02T12:00:54.403Z",
"dateReserved": "2024-06-09T08:52:28.718Z",
"dateUpdated": "2025-01-03T18:58:39.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39920 (GCVE-0-2023-39920)
Vulnerability from cvelistv5 – Published: 2024-12-13 14:23 – Updated: 2024-12-13 18:22
VLAI?
Summary
Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection for Contact Form 7: from n/a through 2.9.2.
Severity ?
7.5 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Themeisle | Redirection for Contact Form 7 |
Affected:
n/a , ≤ 2.9.2
(custom)
|
Credits
Nguyen Anh Tien (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39920",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-13T18:21:39.334811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T18:22:22.336Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wpcf7-redirect",
"product": "Redirection for Contact Form 7",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "3.0.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.9.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nguyen Anh Tien (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in Themeisle Redirection for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Redirection for Contact Form 7: from n/a through 2.9.2.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection for Contact Form 7: from n/a through 2.9.2."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T14:23:58.879Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wpcf7-redirect/vulnerability/wordpress-redirection-for-contact-form-7-plugin-2-9-2-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Redirection for Contact Form 7 plugin to the latest available version (at least 3.0.0)."
}
],
"value": "Update the WordPress Redirection for Contact Form 7 plugin to the latest available version (at least 3.0.0)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Redirection for Contact Form 7 plugin \u003c= 2.9.2 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-39920",
"datePublished": "2024-12-13T14:23:58.879Z",
"dateReserved": "2023-08-07T12:46:53.219Z",
"dateUpdated": "2024-12-13T18:22:22.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11219 (GCVE-0-2024-11219)
Vulnerability from cvelistv5 – Published: 2024-11-27 05:31 – Updated: 2024-11-27 12:03
VLAI?
Summary
The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the get_image function. This makes it possible for unauthenticated attackers to view arbitrary images on the server, which can contain sensitive information.
Severity ?
5.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE |
Affected:
* , ≤ 3.0.6
(semver)
|
Credits
Michael Mazzolini
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:themeisle:otter_blocks:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "otter_blocks",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.0.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T12:03:28.114250Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T12:03:31.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor \u0026 FSE",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.0.6",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Mazzolini"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor \u0026 FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the get_image function. This makes it possible for unauthenticated attackers to view arbitrary images on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T05:31:54.882Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c5e9ab63-d61e-40f1-a5cb-432f33dfd2a6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/otter-blocks/tags/3.0.6/inc/plugins/class-dynamic-content.php#L222"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-10T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2024-11-26T16:32:46.000+00:00",
"value": "Disclosed"
}
],
"title": "Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor \u0026 FSE \u003c= 3.0.6 - Unauthetnicated Path Traversal to Arbitrary Image View"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-11219",
"datePublished": "2024-11-27T05:31:54.882Z",
"dateReserved": "2024-11-14T14:55:03.886Z",
"dateUpdated": "2024-11-27T12:03:31.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51671 (GCVE-0-2024-51671)
Vulnerability from cvelistv5 – Published: 2024-11-19 16:30 – Updated: 2024-11-20 14:36
VLAI?
Summary
Missing Authorization vulnerability in ThemeIsle Otter - Gutenberg Block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Otter - Gutenberg Block: from n/a through 3.0.3.
Severity ?
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ThemeIsle | Otter - Gutenberg Block |
Affected:
n/a , ≤ 3.0.3
(custom)
|
Credits
Rafie Muhammad (Patchstack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51671",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T14:29:55.197297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T14:36:19.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "otter-blocks",
"product": "Otter - Gutenberg Block",
"vendor": "ThemeIsle",
"versions": [
{
"changes": [
{
"at": "3.0.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rafie Muhammad (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in ThemeIsle Otter - Gutenberg Block allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Otter - Gutenberg Block: from n/a through 3.0.3.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in ThemeIsle Otter - Gutenberg Block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Otter - Gutenberg Block: from n/a through 3.0.3."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T17:24:20.175Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/otter-blocks/wordpress-otter-blocks-plugin-3-0-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.0.4 or a higher version."
}
],
"value": "Update to 3.0.4 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Otter Blocks plugin \u003c= 3.0.3 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-51671",
"datePublished": "2024-11-19T16:30:37.868Z",
"dateReserved": "2024-10-30T15:05:38.836Z",
"dateUpdated": "2024-11-20T14:36:19.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10672 (GCVE-0-2024-10672)
Vulnerability from cvelistv5 – Published: 2024-11-12 03:24 – Updated: 2024-11-12 11:20
VLAI?
Summary
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upsert_project_source_block() function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with editor-level access and above, to delete limited files on the server.
Severity ?
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Multiple Page Generator Plugin – MPG |
Affected:
* , ≤ 4.0.2
(semver)
|
Credits
Arkadiusz Hydzik
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T11:19:45.795088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T11:20:03.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Multiple Page Generator Plugin \u2013 MPG",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Multiple Page Generator Plugin \u2013 MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upsert_project_source_block() function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with editor-level access and above, to delete limited files on the server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T03:24:58.158Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8c21de03-4d62-4ecf-a2f1-57e0e416792b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/multiple-pages-generator-by-porthas/tags/3.4.8/controllers/ProjectController.php#L147"
},
{
"url": "https://plugins.trac.wordpress.org/browser/multiple-pages-generator-by-porthas/tags/3.4.8/controllers/ProjectController.php#L139"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3183330/multiple-pages-generator-by-porthas/tags/4.0.3/controllers/ProjectController.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-11T14:56:50.000+00:00",
"value": "Disclosed"
}
],
"title": "Multiple Page Generator Plugin \u2013 MPG \u003c= 4.0.2 - Authenticated (Editor+) Directory Traversal to Limited File Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10672",
"datePublished": "2024-11-12T03:24:58.158Z",
"dateReserved": "2024-11-01T10:42:19.685Z",
"dateUpdated": "2024-11-12T11:20:03.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10367 (GCVE-0-2024-10367)
Vulnerability from cvelistv5 – Published: 2024-11-01 11:01 – Updated: 2024-11-01 13:13
VLAI?
Summary
The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| themeisle | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE |
Affected:
* , ≤ 3.0.4
(semver)
|
Credits
Francesco Carlucci
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T13:12:49.451333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T13:13:06.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor \u0026 FSE",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor \u0026 FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T11:01:55.530Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d83c085-b33a-4003-9e0a-8457669d6634?source=cve"
},
{
"url": "https://wordpress.org/plugins/otter-blocks/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3178637/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-31T22:04:45.000+00:00",
"value": "Disclosed"
}
],
"title": "Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor \u0026 FSE \u003c= 3.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10367",
"datePublished": "2024-11-01T11:01:55.530Z",
"dateReserved": "2024-10-24T19:42:29.077Z",
"dateUpdated": "2024-11-01T13:13:06.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}