Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2025-69313 Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3. | 7.5 | HIGH | — | 0 |
| CVE-2025-69312 Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server.This issue affects Xpro Elementor Addons: fr... | 9.1 | CRITICAL | — | 0 |
| CVE-2025-69311 Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a thro... | 7.6 | HIGH | — | 0 |
| CVE-2025-69300 Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premi... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-69293 Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5. | 8.8 | HIGH | — | 0 |
| CVE-2025-69292 Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4. | 8.8 | HIGH | — | 0 |
| CVE-2025-69193 Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through ... | 7.3 | HIGH | — | 0 |
| CVE-2025-69192 Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a th... | 7.3 | HIGH | — | 0 |
| CVE-2025-69191 Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingHub: from n/a through <= 1.2.7. | 7.3 | HIGH | — | 0 |
| CVE-2025-69190 Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listihub: from n/a through <= 1.0.6. | 7.3 | HIGH | — | 0 |
| CVE-2025-69188 Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a th... | 7.3 | HIGH | — | 0 |
| CVE-2025-69187 Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5. | 7.3 | HIGH | — | 0 |
| CVE-2025-69186 Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital... | 7.3 | HIGH | — | 0 |
| CVE-2025-69185 Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through ... | 7.3 | HIGH | — | 0 |
| CVE-2025-69184 Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions D... | 7.3 | HIGH | — | 0 |
| CVE-2025-69183 Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through... | 8.8 | HIGH | — | 0 |
| CVE-2025-69182 Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4... | 8.8 | HIGH | — | 0 |
| CVE-2025-69181 Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Directory: from n/a... | 7.3 | HIGH | — | 0 |
| CVE-2025-69180 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra P... | 8.5 | HIGH | — | 0 |
| CVE-2025-69102 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Boopathi Rajan WP Test Email wp-test-email allows Reflected XSS.This issue affects WP Test Email: ... | 7.1 | HIGH | — | 0 |
| CVE-2025-69101 Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.This issue affects Workreap Core: from n/a through <= 3.4.1... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-69100 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North north-wp allows PHP Local File Inclusion.This issue affects No... | 8.1 | HIGH | — | 0 |
| CVE-2025-69099 Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through <= 5.7.5. | 8.8 | HIGH | — | 0 |
| CVE-2025-69098 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWave Hide My WP hide_my_wp allows Reflected XSS.This issue affects Hide My WP: from n/a through ... | 7.1 | HIGH | — | 0 |
| CVE-2025-69097 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through <= 1.9.9.... | 8.6 | HIGH | — | 0 |
| CVE-2025-69095 Missing Authorization vulnerability in designthemes Reservation Plugin dt-reservation-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reservation Plug... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-69079 Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection.This issue affects Sound | Musical Instruments Online Store: fro... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-69078 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Malta malta allows PHP Local File Inclusion.This issue affects Mal... | 8.1 | HIGH | — | 0 |
| CVE-2025-69077 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Hobo hobo allows PHP Local File Inclusion.This issue affects Hobo:... | 8.1 | HIGH | — | 0 |
| CVE-2025-69076 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Modern Housewife modernhousewife allows PHP Local File Inclusion.T... | 8.1 | HIGH | — | 0 |
| CVE-2025-69075 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion.This issue affects Yol... | 8.1 | HIGH | — | 0 |
| CVE-2025-69074 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pearson Specter pearsonspecter allows PHP Local File Inclusion.Thi... | 8.1 | HIGH | — | 0 |
| CVE-2025-69073 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piq... | 8.1 | HIGH | — | 0 |
| CVE-2025-69072 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Prider prider allows PHP Local File Inclusion.This issue affects P... | 8.1 | HIGH | — | 0 |
| CVE-2025-69071 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes TanTum tantum allows PHP Local File Inclusion.This issue affects T... | 8.1 | HIGH | — | 0 |
| CVE-2025-69070 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tornados tornados allows PHP Local File Inclusion.This issue affec... | 8.1 | HIGH | — | 0 |
| CVE-2025-69068 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Muji muji allows PHP Local File Inclusion.This issue affects Muji:... | 8.1 | HIGH | — | 0 |
| CVE-2025-69067 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tails tails allows PHP Local File Inclusion.This issue affects Tai... | 8.1 | HIGH | — | 0 |
| CVE-2025-69066 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion.This i... | 8.1 | HIGH | — | 0 |
| CVE-2025-69065 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Snow Mountain snowmountain allows PHP Local File Inclusion.This is... | 8.1 | HIGH | — | 0 |
| CVE-2025-69064 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pets Land petsland allows PHP Local File Inclusion.This issue affe... | 8.1 | HIGH | — | 0 |
| CVE-2025-69062 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Weedles weedles allows PHP Local File Inclusion.This issue affects... | 8.1 | HIGH | — | 0 |
| CVE-2025-69061 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion.This issue affects M... | 8.1 | HIGH | — | 0 |
| CVE-2025-69060 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes uReach ureach allows PHP Local File Inclusion.This issue affects u... | 8.1 | HIGH | — | 0 |
| CVE-2025-69059 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DiveIt diveit allows PHP Local File Inclusion.This issue affects D... | 8.1 | HIGH | — | 0 |
| CVE-2025-69058 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion.This issue a... | 8.1 | HIGH | — | 0 |
| CVE-2025-69057 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Eldon eldon allows PHP Local File Inclusion.This issue affects Eldo... | 8.1 | HIGH | — | 0 |
| CVE-2025-69056 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from ... | 7.1 | HIGH | — | 0 |
| CVE-2025-69055 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder bm-builder allows Path Traversal.This issue affects BM Content Builder: from... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-69054 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in highwarden Super Logos Showcase superlogoshowcase-wp allows Reflected XSS.This issue affects Super... | 7.1 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.