CVE-2025-30524 - SQL Injection in Origincode Product Catalog (≤1..4) – How Attackers Can Steal Your Data
In June 2025, a serious security vulnerability (CVE-2025-30524) was discovered in Origincode's Product Catalog plugin, versions up to and including 1..4. If
CVE-2025-2645 - Cross Site Scripting (XSS) Vulnerability in PHPGurukul Art Gallery Management System 1. – Exploit Details and Remediation
A new security vulnerability, CVE-2025-2645, has been discovered in the PHPGurukul Art Gallery Management System 1.. This post aims to explain the vulnerability in simple
CVE-2025-2186 - How a WooCommerce Plugin Left Stores Wide Open with a Simple SQL Injection
A high-risk vulnerability, CVE-2025-2186, was identified in the popular FunnelKit plugin for WordPress, specifically in the Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation
CVE-2025-1311 - SQL Injection Vulnerability in WooCommerce Multivendor Marketplace – REST API Plugin (WordPress)
A new and serious security flaw (CVE-2025-1311) was recently discovered in the popular WooCommerce Multivendor Marketplace – REST API plugin for WordPress. This vulnerability allows attackers
CVE-2025-2505 - Age Gate WordPress Plugin – Local PHP File Inclusion Vulnerability Exploit Guide
Published: July 2024
*By: WP Security Labs Exclusive*
Summary
A critical vulnerability (CVE-2025-2505) has been discovered in the Age Gate WordPress plugin – one of the
Episode
00:00:00
00:00:00