MaxiBlocks Builder Arbitrary File Upload Vulnerability
Attackers can upload malicious files through MaxiBlocks Builder. This puts your WordPress site at risk. You need to…
Category
CVE
Security vulnerability reports and CVE analysis for WordPress plugins, themes, and core.
Critical Arbitrary File Upload in Drag and Drop File Upload for Contact Form 7 Plugin
# CVE-2026-5364: Critical Arbitrary File Upload in Drag and Drop File Upload for Contact Form 7 Plugin (CVSS…
CVE-2025-13456: Reflected XSS in ShopBuilder WooCommerce Plugin (CVSS 6.1)
A Reflected Cross-Site Scripting vulnerability has been discovered in the ShopBuilder WordPress plugin for WooCommerce. Tracked as CVE-2025-13456…
CVE-2025-13153: Stored XSS in Logo Slider WordPress Plugin (CVSS 6.1)
A Cross-Site Scripting (XSS) vulnerability has been discovered in the Logo Slider WordPress plugin. Tracked as CVE-2025-13153 with…
CVE-2025-12685: CSRF Vulnerability in WPBookit Plugin Allows Customer Deletion
CVE-2025-12685 WPBookit CSRF Privilege Escalation. A Cross-Site Request Forgery (CSRF) vulnerability affects the WPBookit WordPress plugin. Tracked as…
CVE-2025-14047: Unauthorized Data Loss in WP User Frontend Plugin
CVE-2025-14047 WP User Frontend SQL Injection. An unauthorized data loss vulnerability affects the WP User Frontend plugin for…
CVE-2025-14428: Missing Capability Check in My Sticky Elements Plugin
A missing capability check vulnerability affects the My Sticky Elements plugin for WordPress. Tracked as CVE-2025-14428 with a…
CVE-2025-14627: SSRF Vulnerability in WP Import Plugin (CVSS 6.4)
A Server-Side Request Forgery 2026 WordPress Security Threats report (SSRF) vulnerability has been discovered in the WP Import…
CVE-2025-14072: Ninja Forms Access Token Generation Vulnerability
The Ninja Forms plugin for WordPress has an access token generation issue. It is tracked as CVE-2025-14072 with…
CVE-2025-14124: SQL Injection in Team WordPress Plugin (CVSS 8.6)
A SQL injection vulnerability has appeared in the Team WordPress plugin. Tracked as CVE-2025-14124 with a CVSS score…