CVE-2025-1128 - Everest Forms WordPress Plugin Vulnerability—How Hackers Can Upload, Read, and Delete Any File on Your Site
In early 2025, security researchers disclosed a severe vulnerability—CVE-2025-1128—affecting the widely used Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder
CVE-2025-1063 - Exploiting Sensitive Data Exposure in The Classified Listing – Classified Ads & Business Directory Plugin for WordPress (Up to v4..4)
WordPress powers millions of websites, and plugins bring essential features to site owners. But what happens when a plugin has a vulnerability that leaks sensitive
CVE-2025-26776 - How a File Upload Flaw in Chaty Pro Lets Attackers Take Over Your Server
In early 2025, a critical security flaw was discovered in Chaty Pro, a popular WordPress plugin developed by NotFound. This vulnerability, tracked as CVE-2025-26776, is
CVE-2025-1510 - Arbitrary Shortcode Execution Vulnerability in Custom Post Type Date Archives Plugin for WordPress
Security researchers have discovered a critical vulnerability in the Custom Post Type Date Archives plugin for WordPress (up to and including version 2.7.1)
CVE-2025-0968 - Sensitive Data Exposure in ElementsKit Elementor Addons Plugin for WordPress (All Versions ≤ 3.4.)
---
If you’re building websites with WordPress and use the popular ElementsKit Elementor Addons plugin, listen up! A new critical vulnerability — CVE-2025-0968 — affects all
Episode
00:00:00
00:00:00