WordPress - CVE CyberSecurity Database News (Page 3)

Apr 1, 2025 XSS WordPress API PHP

CVE-2025-30798 - Reflected Cross-site Scripting in rickonline_nl Better WishList API up to 1.1.4 – Exploit and Analysis

--- Introduction A new vulnerability—CVE-2025-30798—has been found in the Better WishList API developed by rickonline_nl. The issue is an Improper Neutralization of

Mar 28, 2025 WordPress Exploit PHP

CVE-2025-2294 - Critical Local File Inclusion Vulnerability in Kubio AI Page Builder for WordPress

A newly disclosed security flaw, tracked as CVE-2025-2294, exposes millions of WordPress sites using the popular Kubio AI Page Builder plugin to a devastating Local

Mar 27, 2025 WordPress PHP

CVE-2025-26909 - How a Local File Inclusion Vulnerability in Hide My WP Ghost Puts Your WordPress Site at Risk

Published: June 2024 Author: AI Security Post If you’re running a WordPress site, you might use the popular plugin Hide My WP Ghost to

Mar 26, 2025 WordPress Exploit SQL PHP

CVE-2025-30524 - SQL Injection in Origincode Product Catalog (≤1..4) – How Attackers Can Steal Your Data

In June 2025, a serious security vulnerability (CVE-2025-30524) was discovered in Origincode's Product Catalog plugin, versions up to and including 1..4. If

Mar 22, 2025 WordPress Exploit SQL PHP

CVE-2025-2186 - How a WooCommerce Plugin Left Stores Wide Open with a Simple SQL Injection

A high-risk vulnerability, CVE-2025-2186, was identified in the popular FunnelKit plugin for WordPress, specifically in the Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation