Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
74 vulnerabilities by cyberlord92
CVE-2026-2628 (GCVE-0-2026-2628)
Vulnerability from nvd – Published: 2026-03-03 01:21 – Updated: 2026-04-08 16:56
VLAI
Title
All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login <= 2.2.5 - Authentication Bypass
Summary
The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login |
Affected:
0 , ≤ 2.2.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T16:23:20.381564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T16:23:30.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "All-in-One Microsoft 365 \u0026 Entra ID / Azure AD SSO Login",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "2.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The All-in-One Microsoft 365 \u0026 Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:56:07.725Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e15e36e-55f9-4095-a0ba-48ef9434606a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/login-with-azure?rev=3465063"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-05T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2026-02-17T13:41:28.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-02T13:04:58.000Z",
"value": "Disclosed"
}
],
"title": "All-in-One Microsoft 365 \u0026 Entra ID / Azure AD SSO Login \u003c= 2.2.5 - Authentication Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-2628",
"datePublished": "2026-03-03T01:21:49.975Z",
"dateReserved": "2026-02-17T13:25:58.536Z",
"dateUpdated": "2026-04-08T16:56:07.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1279 (GCVE-0-2026-1279)
Vulnerability from nvd – Published: 2026-02-06 07:24 – Updated: 2026-04-08 17:32
VLAI
Title
Employee Directory <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_title' Shortcode Attribute
Summary
The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_title' parameter in the `search_employee_directory` shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Employee Directory – Staff Directory and Listing |
Affected:
0 , ≤ 1.2.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:25:45.400742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:27:07.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Employee Directory \u2013 Staff Directory and Listing",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djaidja Moundjid"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027form_title\u0027 parameter in the `search_employee_directory` shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:32:19.893Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0d3b54c-6244-4776-be3c-afe3a28a2b8a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/employee-staff-directory/trunk/handler/mo-empdir-search_handler.php#L29"
},
{
"url": "https://wordpress.org/plugins/employee-staff-directory"
},
{
"url": "https://plugins.trac.wordpress.org/browser/employee-staff-directory/tags/1.2.1/handler/mo-empdir-search_handler.php#L29"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3448620%40employee-staff-directory\u0026new=3448620%40employee-staff-directory"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-20T22:25:54.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-05T19:15:07.000Z",
"value": "Disclosed"
}
],
"title": "Employee Directory \u003c= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via \u0027form_title\u0027 Shortcode Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-1279",
"datePublished": "2026-02-06T07:24:55.528Z",
"dateReserved": "2026-01-20T22:10:46.216Z",
"dateUpdated": "2026-04-08T17:32:19.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10753 (GCVE-0-2025-10753)
Vulnerability from nvd – Published: 2026-02-06 06:46 – Updated: 2026-04-08 17:09
VLAI
Title
OAuth Single Sign On – SSO (OAuth Client) <= 6.26.14 - Missing Authorization
Summary
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the 'oauthredirect' option parameter. This makes it possible for unauthenticated attackers to set the global redirect URL option via the redirect_url parameter granted they can access the site directly.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | OAuth Single Sign On – SSO (OAuth Client) |
Affected:
0 , ≤ 6.26.14
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:24:17.800081Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:24:43.451Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OAuth Single Sign On \u2013 SSO (OAuth Client)",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "6.26.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the \u0027oauthredirect\u0027 option parameter. This makes it possible for unauthenticated attackers to set the global redirect URL option via the redirect_url parameter granted they can access the site directly."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:09:14.056Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/915e1a6e-ad9c-4849-8ae0-3ded18720a1f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-with-eve-online-google-facebook/tags/6.26.12/class-mooauth-widget.php#L260"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3399223%40miniorange-login-with-eve-online-google-facebook\u0026new=3399223%40miniorange-login-with-eve-online-google-facebook\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-17T19:14:30.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-05T18:30:28.000Z",
"value": "Disclosed"
}
],
"title": "OAuth Single Sign On \u2013 SSO (OAuth Client) \u003c= 6.26.14 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10753",
"datePublished": "2026-02-06T06:46:30.162Z",
"dateReserved": "2025-09-19T20:41:51.812Z",
"dateUpdated": "2026-04-08T17:09:14.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0725 (GCVE-0-2026-0725)
Vulnerability from nvd – Published: 2026-01-17 08:24 – Updated: 2026-04-08 16:58
VLAI
Title
Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration
Summary
The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Integrate Dynamics 365 CRM |
Affected:
0 , ≤ 1.1.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T19:17:58.626163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T19:23:19.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Integrate Dynamics 365 CRM",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Teerachai Somprasong"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:57.040Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b16028a-0b69-422b-9471-32ea6edb93a0?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/trunk/Wrappers/class-templatewrapper.php#L491"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/tags/1.1.1/Wrappers/class-templatewrapper.php#L491"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3438502/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T14:01:50.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-16T19:47:08.000Z",
"value": "Disclosed"
}
],
"title": "Integrate Dynamics 365 CRM \u003c= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-0725",
"datePublished": "2026-01-17T08:24:31.355Z",
"dateReserved": "2026-01-08T13:46:37.754Z",
"dateUpdated": "2026-04-08T16:58:57.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14948 (GCVE-0-2025-14948)
Vulnerability from nvd – Published: 2026-01-10 07:03 – Updated: 2026-04-08 17:33
VLAI
Title
miniOrange OTP Verification and SMS Notification for WooCommerce <= 4.3.8 - Missing Authorization to Unauthenticated Notification Settings Modification
Summary
The miniOrange OTP Verification and SMS Notification for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `enable_wc_sms_notification` AJAX action in all versions up to, and including, 4.3.8. This makes it possible for unauthenticated attackers to enable or disable SMS notification settings for WooCommerce orders.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | miniOrange OTP Verification and SMS Notification for WooCommerce |
Affected:
0 , ≤ 4.3.8
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-12T13:07:44.985945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T13:08:10.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "miniOrange OTP Verification and SMS Notification for WooCommerce",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "4.3.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdualrhman Muzamil"
}
],
"descriptions": [
{
"lang": "en",
"value": "The miniOrange OTP Verification and SMS Notification for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `enable_wc_sms_notification` AJAX action in all versions up to, and including, 4.3.8. This makes it possible for unauthenticated attackers to enable or disable SMS notification settings for WooCommerce orders."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:33:56.682Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f84ddc83-2079-45b9-8354-51094581b1f8?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-sms-order-notification-otp-verification/tags/4.3.8/notifications/wcsmsnotification/handler/class-woocommercenotifications.php#L138"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-sms-order-notification-otp-verification?rev=3423647"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-19T04:30:06.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "miniOrange OTP Verification and SMS Notification for WooCommerce \u003c= 4.3.8 - Missing Authorization to Unauthenticated Notification Settings Modification"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-14948",
"datePublished": "2026-01-10T07:03:55.561Z",
"dateReserved": "2025-12-19T04:14:38.233Z",
"dateUpdated": "2026-04-08T17:33:56.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12822 (GCVE-0-2025-12822)
Vulnerability from nvd – Published: 2025-11-19 05:45 – Updated: 2026-04-08 17:10
VLAI
Title
WP Login and Register using JWT <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key Exposure
Summary
The WP Login and Register using JWT plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mo_jwt_generate_new_api_key' function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to generate a new API key on site's that do not have an API key configured and subsequently use that to access restricted endpoints.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | WP Login and Register using JWT |
Affected:
0 , ≤ 3.0.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T18:43:07.788647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T18:43:17.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Login and Register using JWT",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "3.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Login and Register using JWT plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027mo_jwt_generate_new_api_key\u0027 function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to generate a new API key on site\u0027s that do not have an API key configured and subsequently use that to access restricted endpoints."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:10:14.150Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/966523a4-3d4b-444b-b9d0-63c72527a99f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3397900%40login-register-using-jwt\u0026new=3397900%40login-register-using-jwt\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-06T19:00:51.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-18T17:17:49.000Z",
"value": "Disclosed"
}
],
"title": "WP Login and Register using JWT \u003c= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12822",
"datePublished": "2025-11-19T05:45:15.251Z",
"dateReserved": "2025-11-06T18:44:15.837Z",
"dateUpdated": "2026-04-08T17:10:14.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11255 (GCVE-0-2025-11255)
Vulnerability from nvd – Published: 2025-10-25 06:49 – Updated: 2026-04-08 16:58
VLAI
Title
Password Policy Manager | Password Manager <= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log Out
Summary
The Password Policy Manager | Password Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'moppm_ajax' AJAX endpoint in all versions up to, and including, 2.0.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log out the site's connection to miniorange.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Password Policy Manager | Password Manager |
Affected:
0 , ≤ 2.0.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:52:15.899267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:52:24.137Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Password Policy Manager | Password Manager",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "2.0.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Password Policy Manager | Password Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027moppm_ajax\u0027 AJAX endpoint in all versions up to, and including, 2.0.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log out the site\u0027s connection to miniorange."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:03.666Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/66ac51f9-3571-4e07-a110-afec43abab37?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3381127%40password-policy-manager\u0026new=3381127%40password-policy-manager\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-24T18:09:09.000Z",
"value": "Disclosed"
}
],
"title": "Password Policy Manager | Password Manager \u003c= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log Out"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11255",
"datePublished": "2025-10-25T06:49:22.427Z",
"dateReserved": "2025-10-03T12:01:49.445Z",
"dateUpdated": "2026-04-08T16:58:03.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10750 (GCVE-0-2025-10750)
Vulnerability from nvd – Published: 2025-10-18 07:26 – Updated: 2026-04-08 17:26
VLAI
Title
PowerBI Embed Reports <= 1.2.0 - Unauthenticated Sensitive Information Disclosure
Summary
The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the 'testUser' endpoint accessible via the mo_epbr_admin_observer() function hooked on 'init'. This makes it possible for unauthenticated attackers to access sensitive Azure AD user information including personal identifiable information (PII) such as displayName, mail, phones, department, or detailed OAuth error data including Azure AD Application/Client IDs, error codes, trace IDs, and correlation IDs.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | PowerBI Embed Reports |
Affected:
0 , ≤ 1.2.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T17:36:21.330234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T17:37:10.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerBI Embed Reports",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the \u0027testUser\u0027 endpoint accessible via the mo_epbr_admin_observer() function hooked on \u0027init\u0027. This makes it possible for unauthenticated attackers to access sensitive Azure AD user information including personal identifiable information (PII) such as displayName, mail, phones, department, or detailed OAuth error data including Azure AD Application/Client IDs, error codes, trace IDs, and correlation IDs."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:26:45.880Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d830c2eb-16e8-425c-ac46-a467a2fd0133?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embed-power-bi-reports/tags/1.2.0/embed-microsoft-power-bi-reports.php#L75"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embed-power-bi-reports/tags/1.2.0/Observer/adminObserver.php#L54"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embed-power-bi-reports/tags/1.2.0/Observer/adminObserver.php#L265"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3369956%40embed-power-bi-reports\u0026new=3369956%40embed-power-bi-reports\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-17T19:06:40.000Z",
"value": "Disclosed"
}
],
"title": "PowerBI Embed Reports \u003c= 1.2.0 - Unauthenticated Sensitive Information Disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10750",
"datePublished": "2025-10-18T07:26:32.267Z",
"dateReserved": "2025-09-19T20:28:14.943Z",
"dateUpdated": "2026-04-08T17:26:45.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10648 (GCVE-0-2025-10648)
Vulnerability from nvd – Published: 2025-10-15 08:25 – Updated: 2026-04-08 16:38
VLAI
Title
Login with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'
Summary
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moym_display_test_attributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to read the profile data of the latest SSO login.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Login with YourMembership – YM SSO Login |
Affected:
0 , ≤ 1.1.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T15:13:11.438570Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T15:25:33.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Login with YourMembership \u2013 YM SSO Login",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The YourMembership Single Sign On \u2013 YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027moym_display_test_attributes\u0027 function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to read the profile data of the latest SSO login."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:38:18.146Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1bb25412-8f63-4a9d-84bd-44fac59c6eed?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/login-with-yourmembership/trunk/class-moym-sso.php#L88"
},
{
"url": "https://plugins.trac.wordpress.org/browser/login-with-yourmembership/trunk/class-moym-sso.php#L112"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3389623/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-29T20:50:51.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-14T19:58:07.000Z",
"value": "Disclosed"
}
],
"title": "Login with YourMembership - YM SSO Login \u003c= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via \u0027moym_display_test_attributes\u0027"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10648",
"datePublished": "2025-10-15T08:25:50.573Z",
"dateReserved": "2025-09-17T18:07:31.865Z",
"dateUpdated": "2026-04-08T16:38:18.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9485 (GCVE-0-2025-9485)
Vulnerability from nvd – Published: 2025-10-04 02:24 – Updated: 2026-04-08 17:25
VLAI
Title
OAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token()
Summary
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 6.26.12. This is due to the plugin performing unsafe JWT token processing without verification or validation in the `get_resource_owner_from_id_token` function. This makes it possible for unauthenticated attackers to bypass authentication and gain access to any existing user account - including administrators in certain configurations - or to create arbitrary subscriber-level accounts.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | OAuth Single Sign On – SSO (OAuth Client) |
Affected:
0 , ≤ 6.26.12
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T14:14:07.678306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T14:16:32.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OAuth Single Sign On \u2013 SSO (OAuth Client)",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "6.26.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 6.26.12. This is due to the plugin performing unsafe JWT token processing without verification or validation in the `get_resource_owner_from_id_token` function. This makes it possible for unauthenticated attackers to bypass authentication and gain access to any existing user account - including administrators in certain configurations - or to create arbitrary subscriber-level accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:25:21.100Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2448afc-70d1-4dd5-b73b-62d182ee9a8a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-with-eve-online-google-facebook/tags/6.26.12/class-mooauth-widget.php#L577"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3360768/miniorange-login-with-eve-online-google-facebook"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-15T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-10-03T14:11:31.000Z",
"value": "Disclosed"
}
],
"title": "OAuth Single Sign On \u2013 SSO (OAuth Client) \u003c= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token()"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9485",
"datePublished": "2025-10-04T02:24:37.169Z",
"dateReserved": "2025-08-26T08:59:36.029Z",
"dateUpdated": "2026-04-08T17:25:21.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10746 (GCVE-0-2025-10746)
Vulnerability from nvd – Published: 2025-10-04 02:24 – Updated: 2026-04-08 17:17
VLAI
Title
Integrate Dynamics 365 CRM <= 1.0.9 - Missing Authorization
Summary
The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.9. This is due to missing capability checks and nonce verification on functions hooked to 'init'. This makes it possible for unauthenticated attackers to deactivate the plugin, tamper with OAuth configuration, and trigger test connections that expose sensitive data via direct request to vulnerable endpoints granted they can craft malicious requests with specific parameters.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Integrate Dynamics 365 CRM |
Affected:
0 , ≤ 1.0.9
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T14:14:34.144280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T14:16:41.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Integrate Dynamics 365 CRM",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.0.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.9. This is due to missing capability checks and nonce verification on functions hooked to \u0027init\u0027. This makes it possible for unauthenticated attackers to deactivate the plugin, tamper with OAuth configuration, and trigger test connections that expose sensitive data via direct request to vulnerable endpoints granted they can craft malicious requests with specific parameters."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:17:42.526Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7fb23e8-dabb-4d6e-a2b2-2b27d6a38b3c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/tags/1.0.9/Observer/adminObserver.php#L26"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/tags/1.0.9/integrate-dynamics-365-crm.php#L48"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/trunk/Observer/class-adminobserver.php?rev=3370266#L71"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-03T14:18:24.000Z",
"value": "Disclosed"
}
],
"title": "Integrate Dynamics 365 CRM \u003c= 1.0.9 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10746",
"datePublished": "2025-10-04T02:24:36.757Z",
"dateReserved": "2025-09-19T19:39:41.942Z",
"dateUpdated": "2026-04-08T17:17:42.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10752 (GCVE-0-2025-10752)
Vulnerability from nvd – Published: 2025-09-26 01:47 – Updated: 2026-04-08 17:30
VLAI
Title
OAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Cross-Site Request Forgery
Summary
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.26.12. This is due to using a predictable state parameter (base64 encoded app name) without any randomness in the OAuth flow. This makes it possible for unauthenticated attackers to forge OAuth authorization requests and potentially hijack the OAuth flow via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | OAuth Single Sign On – SSO (OAuth Client) |
Affected:
0 , ≤ 6.26.12
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-26T19:24:31.437473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T19:24:44.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OAuth Single Sign On \u2013 SSO (OAuth Client)",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "6.26.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.26.12. This is due to using a predictable state parameter (base64 encoded app name) without any randomness in the OAuth flow. This makes it possible for unauthenticated attackers to forge OAuth authorization requests and potentially hijack the OAuth flow via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:30:41.766Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8d7e8f3-e8ff-460f-a343-807bcdb865dc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-with-eve-online-google-facebook/tags/6.26.12/class-mooauth-widget.php#L285"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3360768%40miniorange-login-with-eve-online-google-facebook\u0026new=3360768%40miniorange-login-with-eve-online-google-facebook\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-25T13:34:18.000Z",
"value": "Disclosed"
}
],
"title": "OAuth Single Sign On \u2013 SSO (OAuth Client) \u003c= 6.26.12 - Cross-Site Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10752",
"datePublished": "2025-09-26T01:47:27.527Z",
"dateReserved": "2025-09-19T20:37:57.485Z",
"dateUpdated": "2026-04-08T17:30:41.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7665 (GCVE-0-2025-7665)
Vulnerability from nvd – Published: 2025-09-19 12:27 – Updated: 2025-09-19 13:05
VLAI
Title
Miniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation
Summary
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'handle_mofirebase_form_options' function in versions 3.1.0 to 3.6.2. This makes it possible for unauthenticated attackers to update the default role to Administrator. Premium features must be enabled in order to exploit the vulnerability.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Miniorange OTP Verification with Firebase |
Affected:
3.1.0 , ≤ 3.6.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7665",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T13:04:59.600598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:05:05.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Miniorange OTP Verification with Firebase",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "3.6.2",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kenneth Dunn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the \u0027handle_mofirebase_form_options\u0027 function in versions 3.1.0 to 3.6.2. This makes it possible for unauthenticated attackers to update the default role to Administrator. Premium features must be enabled in order to exploit the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T12:27:36.481Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9a02910-5674-4266-ab6e-7926bf6adecc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-firebase-sms-otp-verification/trunk/handler/forms/class-registrationform.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:13:56.000Z",
"value": "Disclosed"
}
],
"title": "Miniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7665",
"datePublished": "2025-09-19T12:27:36.481Z",
"dateReserved": "2025-07-14T21:34:58.243Z",
"dateUpdated": "2025-09-19T13:05:05.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9891 (GCVE-0-2025-9891)
Vulnerability from nvd – Published: 2025-09-17 01:53 – Updated: 2026-04-08 16:59
VLAI
Title
User Sync – Remote User Sync <= 1.0.2 - Cross-Site Request Forgery to Plugin Deactivation
Summary
The User Sync – Remote User Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the mo_user_sync_form_handler() function. This makes it possible for unauthenticated attackers to deactivate the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | User Sync |
Affected:
0 , ≤ 1.0.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9891",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:09:20.554042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:09:26.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Sync",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Sync \u2013 Remote User Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the mo_user_sync_form_handler() function. This makes it possible for unauthenticated attackers to deactivate the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:59:00.382Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b60777e-6e07-42bd-9364-43367e209227?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-sync/tags/1.0.1/mo-user-sync-main.php#L118"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3360328%40user-sync\u0026new=3360328%40user-sync\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-16T13:49:44.000Z",
"value": "Disclosed"
}
],
"title": "User Sync \u2013 Remote User Sync \u003c= 1.0.2 - Cross-Site Request Forgery to Plugin Deactivation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9891",
"datePublished": "2025-09-17T01:53:14.331Z",
"dateReserved": "2025-09-02T22:59:56.638Z",
"dateUpdated": "2026-04-08T16:59:00.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8420 (GCVE-0-2025-8420)
Vulnerability from nvd – Published: 2025-08-06 02:24 – Updated: 2026-04-08 16:56
VLAI
Title
Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution
Summary
Multiple plugins for WordPress by emarket-design with the 'emd-form-builder-lite' package are vulnerable to Remote Code Execution in various versions via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Assigner
References
9 references
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress |
Affected:
0 , ≤ 1.9.2
(semver)
|
|
| emarket-design | Request a Quote Form Plugin – Price Quote Request Management Made Easy |
Affected:
0 , ≤ 2.5.2
(semver)
|
|
| emarket-design | Video Gallery – YouTube Gallery & Responsive Video Playlist |
Affected:
0 , ≤ 3.5.2
(semver)
|
|
| emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact |
Affected:
0 , ≤ 4.0.2
(semver)
|
|
| emarket-design | Event RSVP and Simple Event Management Plugin |
Affected:
0 , ≤ 4.2.1
(semver)
|
|
| cyberlord92 | Employee Directory – Staff Directory and Listing |
Affected:
0 , ≤ 4.5.2
(semver)
|
|
| emarket-design | Project Management, Bug and Issue Tracking Plugin – Software Issue Manager |
Affected:
0 , ≤ 5.0.0
(semver)
|
|
| emarket-design | Customer Support Ticket System & Helpdesk Plugin for WordPress |
Affected:
0 , ≤ 6.0.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8420",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-06T13:36:13.606539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-06T13:36:32.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Campus Directory \u2013 Faculty, Staff \u0026 Student Directory Plugin for WordPress",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "1.9.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Request a Quote Form Plugin \u2013 Price Quote Request Management Made Easy",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "2.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Video Gallery \u2013 YouTube Gallery \u0026 Responsive Video Playlist",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "3.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Simple Contact Form Plugin for WordPress \u2013 WP Easy Contact",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Event RSVP and Simple Event Management Plugin",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "4.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Employee Directory \u2013 Staff Directory and Listing",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "4.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Project Management, Bug and Issue Tracking Plugin \u2013 Software Issue Manager",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "5.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Customer Support Ticket System \u0026 Helpdesk Plugin for WordPress",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "6.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Mazzolini"
},
{
"lang": "en",
"type": "finder",
"value": "Youcef Hamdani"
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple plugins for WordPress by emarket-design with the \u0027emd-form-builder-lite\u0027 package are vulnerable to Remote Code Execution in various versions via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-95",
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:56:28.904Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/601aa2b5-aeac-49bc-960d-4b4ff83e9229?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3338854%40request-a-quote\u0026new=3338854%40request-a-quote\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3340992%40software-issue-manager\u0026new=3340992%40software-issue-manager\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3341064%40wp-ticket\u0026new=3341064%40wp-ticket\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3346435/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3346460/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3347084/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3348220%40wp-easy-events\u0026new=3348220%40wp-easy-events\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3365190%40youtube-showcase\u0026new=3365190%40youtube-showcase\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-31T14:51:03.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-08-05T13:47:52.000Z",
"value": "Disclosed"
}
],
"title": "Multiple Plugins by emarket-design \u003c= Multiple Versions - Unauthenticated Limited Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8420",
"datePublished": "2025-08-06T02:24:12.120Z",
"dateReserved": "2025-07-31T14:35:50.620Z",
"dateUpdated": "2026-04-08T16:56:28.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2628 (GCVE-0-2026-2628)
Vulnerability from cvelistv5 – Published: 2026-03-03 01:21 – Updated: 2026-04-08 16:56
VLAI
Title
All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login <= 2.2.5 - Authentication Bypass
Summary
The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login |
Affected:
0 , ≤ 2.2.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T16:23:20.381564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T16:23:30.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "All-in-One Microsoft 365 \u0026 Entra ID / Azure AD SSO Login",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "2.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The All-in-One Microsoft 365 \u0026 Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:56:07.725Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e15e36e-55f9-4095-a0ba-48ef9434606a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/login-with-azure?rev=3465063"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-05T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2026-02-17T13:41:28.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-02T13:04:58.000Z",
"value": "Disclosed"
}
],
"title": "All-in-One Microsoft 365 \u0026 Entra ID / Azure AD SSO Login \u003c= 2.2.5 - Authentication Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-2628",
"datePublished": "2026-03-03T01:21:49.975Z",
"dateReserved": "2026-02-17T13:25:58.536Z",
"dateUpdated": "2026-04-08T16:56:07.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1279 (GCVE-0-2026-1279)
Vulnerability from cvelistv5 – Published: 2026-02-06 07:24 – Updated: 2026-04-08 17:32
VLAI
Title
Employee Directory <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_title' Shortcode Attribute
Summary
The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_title' parameter in the `search_employee_directory` shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Employee Directory – Staff Directory and Listing |
Affected:
0 , ≤ 1.2.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:25:45.400742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:27:07.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Employee Directory \u2013 Staff Directory and Listing",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djaidja Moundjid"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027form_title\u0027 parameter in the `search_employee_directory` shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:32:19.893Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0d3b54c-6244-4776-be3c-afe3a28a2b8a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/employee-staff-directory/trunk/handler/mo-empdir-search_handler.php#L29"
},
{
"url": "https://wordpress.org/plugins/employee-staff-directory"
},
{
"url": "https://plugins.trac.wordpress.org/browser/employee-staff-directory/tags/1.2.1/handler/mo-empdir-search_handler.php#L29"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3448620%40employee-staff-directory\u0026new=3448620%40employee-staff-directory"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-20T22:25:54.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-05T19:15:07.000Z",
"value": "Disclosed"
}
],
"title": "Employee Directory \u003c= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via \u0027form_title\u0027 Shortcode Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-1279",
"datePublished": "2026-02-06T07:24:55.528Z",
"dateReserved": "2026-01-20T22:10:46.216Z",
"dateUpdated": "2026-04-08T17:32:19.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10753 (GCVE-0-2025-10753)
Vulnerability from cvelistv5 – Published: 2026-02-06 06:46 – Updated: 2026-04-08 17:09
VLAI
Title
OAuth Single Sign On – SSO (OAuth Client) <= 6.26.14 - Missing Authorization
Summary
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the 'oauthredirect' option parameter. This makes it possible for unauthenticated attackers to set the global redirect URL option via the redirect_url parameter granted they can access the site directly.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | OAuth Single Sign On – SSO (OAuth Client) |
Affected:
0 , ≤ 6.26.14
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:24:17.800081Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:24:43.451Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OAuth Single Sign On \u2013 SSO (OAuth Client)",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "6.26.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the \u0027oauthredirect\u0027 option parameter. This makes it possible for unauthenticated attackers to set the global redirect URL option via the redirect_url parameter granted they can access the site directly."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:09:14.056Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/915e1a6e-ad9c-4849-8ae0-3ded18720a1f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-with-eve-online-google-facebook/tags/6.26.12/class-mooauth-widget.php#L260"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3399223%40miniorange-login-with-eve-online-google-facebook\u0026new=3399223%40miniorange-login-with-eve-online-google-facebook\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-17T19:14:30.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-05T18:30:28.000Z",
"value": "Disclosed"
}
],
"title": "OAuth Single Sign On \u2013 SSO (OAuth Client) \u003c= 6.26.14 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10753",
"datePublished": "2026-02-06T06:46:30.162Z",
"dateReserved": "2025-09-19T20:41:51.812Z",
"dateUpdated": "2026-04-08T17:09:14.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0725 (GCVE-0-2026-0725)
Vulnerability from cvelistv5 – Published: 2026-01-17 08:24 – Updated: 2026-04-08 16:58
VLAI
Title
Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration
Summary
The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Integrate Dynamics 365 CRM |
Affected:
0 , ≤ 1.1.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T19:17:58.626163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T19:23:19.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Integrate Dynamics 365 CRM",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Teerachai Somprasong"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:57.040Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b16028a-0b69-422b-9471-32ea6edb93a0?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/trunk/Wrappers/class-templatewrapper.php#L491"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/tags/1.1.1/Wrappers/class-templatewrapper.php#L491"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3438502/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T14:01:50.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-16T19:47:08.000Z",
"value": "Disclosed"
}
],
"title": "Integrate Dynamics 365 CRM \u003c= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-0725",
"datePublished": "2026-01-17T08:24:31.355Z",
"dateReserved": "2026-01-08T13:46:37.754Z",
"dateUpdated": "2026-04-08T16:58:57.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14948 (GCVE-0-2025-14948)
Vulnerability from cvelistv5 – Published: 2026-01-10 07:03 – Updated: 2026-04-08 17:33
VLAI
Title
miniOrange OTP Verification and SMS Notification for WooCommerce <= 4.3.8 - Missing Authorization to Unauthenticated Notification Settings Modification
Summary
The miniOrange OTP Verification and SMS Notification for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `enable_wc_sms_notification` AJAX action in all versions up to, and including, 4.3.8. This makes it possible for unauthenticated attackers to enable or disable SMS notification settings for WooCommerce orders.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | miniOrange OTP Verification and SMS Notification for WooCommerce |
Affected:
0 , ≤ 4.3.8
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-12T13:07:44.985945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T13:08:10.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "miniOrange OTP Verification and SMS Notification for WooCommerce",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "4.3.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdualrhman Muzamil"
}
],
"descriptions": [
{
"lang": "en",
"value": "The miniOrange OTP Verification and SMS Notification for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `enable_wc_sms_notification` AJAX action in all versions up to, and including, 4.3.8. This makes it possible for unauthenticated attackers to enable or disable SMS notification settings for WooCommerce orders."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:33:56.682Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f84ddc83-2079-45b9-8354-51094581b1f8?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-sms-order-notification-otp-verification/tags/4.3.8/notifications/wcsmsnotification/handler/class-woocommercenotifications.php#L138"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-sms-order-notification-otp-verification?rev=3423647"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-19T04:30:06.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "miniOrange OTP Verification and SMS Notification for WooCommerce \u003c= 4.3.8 - Missing Authorization to Unauthenticated Notification Settings Modification"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-14948",
"datePublished": "2026-01-10T07:03:55.561Z",
"dateReserved": "2025-12-19T04:14:38.233Z",
"dateUpdated": "2026-04-08T17:33:56.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12822 (GCVE-0-2025-12822)
Vulnerability from cvelistv5 – Published: 2025-11-19 05:45 – Updated: 2026-04-08 17:10
VLAI
Title
WP Login and Register using JWT <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key Exposure
Summary
The WP Login and Register using JWT plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mo_jwt_generate_new_api_key' function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to generate a new API key on site's that do not have an API key configured and subsequently use that to access restricted endpoints.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | WP Login and Register using JWT |
Affected:
0 , ≤ 3.0.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T18:43:07.788647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T18:43:17.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Login and Register using JWT",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "3.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Login and Register using JWT plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027mo_jwt_generate_new_api_key\u0027 function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to generate a new API key on site\u0027s that do not have an API key configured and subsequently use that to access restricted endpoints."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:10:14.150Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/966523a4-3d4b-444b-b9d0-63c72527a99f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3397900%40login-register-using-jwt\u0026new=3397900%40login-register-using-jwt\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-06T19:00:51.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-18T17:17:49.000Z",
"value": "Disclosed"
}
],
"title": "WP Login and Register using JWT \u003c= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12822",
"datePublished": "2025-11-19T05:45:15.251Z",
"dateReserved": "2025-11-06T18:44:15.837Z",
"dateUpdated": "2026-04-08T17:10:14.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11255 (GCVE-0-2025-11255)
Vulnerability from cvelistv5 – Published: 2025-10-25 06:49 – Updated: 2026-04-08 16:58
VLAI
Title
Password Policy Manager | Password Manager <= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log Out
Summary
The Password Policy Manager | Password Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'moppm_ajax' AJAX endpoint in all versions up to, and including, 2.0.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log out the site's connection to miniorange.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Password Policy Manager | Password Manager |
Affected:
0 , ≤ 2.0.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:52:15.899267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:52:24.137Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Password Policy Manager | Password Manager",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "2.0.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Password Policy Manager | Password Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027moppm_ajax\u0027 AJAX endpoint in all versions up to, and including, 2.0.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log out the site\u0027s connection to miniorange."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:03.666Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/66ac51f9-3571-4e07-a110-afec43abab37?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3381127%40password-policy-manager\u0026new=3381127%40password-policy-manager\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-24T18:09:09.000Z",
"value": "Disclosed"
}
],
"title": "Password Policy Manager | Password Manager \u003c= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log Out"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11255",
"datePublished": "2025-10-25T06:49:22.427Z",
"dateReserved": "2025-10-03T12:01:49.445Z",
"dateUpdated": "2026-04-08T16:58:03.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10750 (GCVE-0-2025-10750)
Vulnerability from cvelistv5 – Published: 2025-10-18 07:26 – Updated: 2026-04-08 17:26
VLAI
Title
PowerBI Embed Reports <= 1.2.0 - Unauthenticated Sensitive Information Disclosure
Summary
The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the 'testUser' endpoint accessible via the mo_epbr_admin_observer() function hooked on 'init'. This makes it possible for unauthenticated attackers to access sensitive Azure AD user information including personal identifiable information (PII) such as displayName, mail, phones, department, or detailed OAuth error data including Azure AD Application/Client IDs, error codes, trace IDs, and correlation IDs.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | PowerBI Embed Reports |
Affected:
0 , ≤ 1.2.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T17:36:21.330234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T17:37:10.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerBI Embed Reports",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.2.0. This is due to missing capability checks and authentication verification on the \u0027testUser\u0027 endpoint accessible via the mo_epbr_admin_observer() function hooked on \u0027init\u0027. This makes it possible for unauthenticated attackers to access sensitive Azure AD user information including personal identifiable information (PII) such as displayName, mail, phones, department, or detailed OAuth error data including Azure AD Application/Client IDs, error codes, trace IDs, and correlation IDs."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:26:45.880Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d830c2eb-16e8-425c-ac46-a467a2fd0133?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embed-power-bi-reports/tags/1.2.0/embed-microsoft-power-bi-reports.php#L75"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embed-power-bi-reports/tags/1.2.0/Observer/adminObserver.php#L54"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embed-power-bi-reports/tags/1.2.0/Observer/adminObserver.php#L265"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3369956%40embed-power-bi-reports\u0026new=3369956%40embed-power-bi-reports\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-17T19:06:40.000Z",
"value": "Disclosed"
}
],
"title": "PowerBI Embed Reports \u003c= 1.2.0 - Unauthenticated Sensitive Information Disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10750",
"datePublished": "2025-10-18T07:26:32.267Z",
"dateReserved": "2025-09-19T20:28:14.943Z",
"dateUpdated": "2026-04-08T17:26:45.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10648 (GCVE-0-2025-10648)
Vulnerability from cvelistv5 – Published: 2025-10-15 08:25 – Updated: 2026-04-08 16:38
VLAI
Title
Login with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'
Summary
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moym_display_test_attributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to read the profile data of the latest SSO login.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Login with YourMembership – YM SSO Login |
Affected:
0 , ≤ 1.1.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T15:13:11.438570Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T15:25:33.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Login with YourMembership \u2013 YM SSO Login",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The YourMembership Single Sign On \u2013 YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027moym_display_test_attributes\u0027 function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to read the profile data of the latest SSO login."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:38:18.146Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1bb25412-8f63-4a9d-84bd-44fac59c6eed?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/login-with-yourmembership/trunk/class-moym-sso.php#L88"
},
{
"url": "https://plugins.trac.wordpress.org/browser/login-with-yourmembership/trunk/class-moym-sso.php#L112"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3389623/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-29T20:50:51.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-14T19:58:07.000Z",
"value": "Disclosed"
}
],
"title": "Login with YourMembership - YM SSO Login \u003c= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via \u0027moym_display_test_attributes\u0027"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10648",
"datePublished": "2025-10-15T08:25:50.573Z",
"dateReserved": "2025-09-17T18:07:31.865Z",
"dateUpdated": "2026-04-08T16:38:18.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9485 (GCVE-0-2025-9485)
Vulnerability from cvelistv5 – Published: 2025-10-04 02:24 – Updated: 2026-04-08 17:25
VLAI
Title
OAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token()
Summary
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 6.26.12. This is due to the plugin performing unsafe JWT token processing without verification or validation in the `get_resource_owner_from_id_token` function. This makes it possible for unauthenticated attackers to bypass authentication and gain access to any existing user account - including administrators in certain configurations - or to create arbitrary subscriber-level accounts.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | OAuth Single Sign On – SSO (OAuth Client) |
Affected:
0 , ≤ 6.26.12
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T14:14:07.678306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T14:16:32.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OAuth Single Sign On \u2013 SSO (OAuth Client)",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "6.26.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 6.26.12. This is due to the plugin performing unsafe JWT token processing without verification or validation in the `get_resource_owner_from_id_token` function. This makes it possible for unauthenticated attackers to bypass authentication and gain access to any existing user account - including administrators in certain configurations - or to create arbitrary subscriber-level accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:25:21.100Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2448afc-70d1-4dd5-b73b-62d182ee9a8a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-with-eve-online-google-facebook/tags/6.26.12/class-mooauth-widget.php#L577"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3360768/miniorange-login-with-eve-online-google-facebook"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-15T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-10-03T14:11:31.000Z",
"value": "Disclosed"
}
],
"title": "OAuth Single Sign On \u2013 SSO (OAuth Client) \u003c= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token()"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9485",
"datePublished": "2025-10-04T02:24:37.169Z",
"dateReserved": "2025-08-26T08:59:36.029Z",
"dateUpdated": "2026-04-08T17:25:21.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10746 (GCVE-0-2025-10746)
Vulnerability from cvelistv5 – Published: 2025-10-04 02:24 – Updated: 2026-04-08 17:17
VLAI
Title
Integrate Dynamics 365 CRM <= 1.0.9 - Missing Authorization
Summary
The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.9. This is due to missing capability checks and nonce verification on functions hooked to 'init'. This makes it possible for unauthenticated attackers to deactivate the plugin, tamper with OAuth configuration, and trigger test connections that expose sensitive data via direct request to vulnerable endpoints granted they can craft malicious requests with specific parameters.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Integrate Dynamics 365 CRM |
Affected:
0 , ≤ 1.0.9
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T14:14:34.144280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T14:16:41.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Integrate Dynamics 365 CRM",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.0.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.9. This is due to missing capability checks and nonce verification on functions hooked to \u0027init\u0027. This makes it possible for unauthenticated attackers to deactivate the plugin, tamper with OAuth configuration, and trigger test connections that expose sensitive data via direct request to vulnerable endpoints granted they can craft malicious requests with specific parameters."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:17:42.526Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7fb23e8-dabb-4d6e-a2b2-2b27d6a38b3c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/tags/1.0.9/Observer/adminObserver.php#L26"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/tags/1.0.9/integrate-dynamics-365-crm.php#L48"
},
{
"url": "https://plugins.trac.wordpress.org/browser/integrate-dynamics-365-crm/trunk/Observer/class-adminobserver.php?rev=3370266#L71"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-03T14:18:24.000Z",
"value": "Disclosed"
}
],
"title": "Integrate Dynamics 365 CRM \u003c= 1.0.9 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10746",
"datePublished": "2025-10-04T02:24:36.757Z",
"dateReserved": "2025-09-19T19:39:41.942Z",
"dateUpdated": "2026-04-08T17:17:42.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10752 (GCVE-0-2025-10752)
Vulnerability from cvelistv5 – Published: 2025-09-26 01:47 – Updated: 2026-04-08 17:30
VLAI
Title
OAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Cross-Site Request Forgery
Summary
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.26.12. This is due to using a predictable state parameter (base64 encoded app name) without any randomness in the OAuth flow. This makes it possible for unauthenticated attackers to forge OAuth authorization requests and potentially hijack the OAuth flow via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | OAuth Single Sign On – SSO (OAuth Client) |
Affected:
0 , ≤ 6.26.12
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-26T19:24:31.437473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T19:24:44.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OAuth Single Sign On \u2013 SSO (OAuth Client)",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "6.26.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.26.12. This is due to using a predictable state parameter (base64 encoded app name) without any randomness in the OAuth flow. This makes it possible for unauthenticated attackers to forge OAuth authorization requests and potentially hijack the OAuth flow via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:30:41.766Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8d7e8f3-e8ff-460f-a343-807bcdb865dc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-with-eve-online-google-facebook/tags/6.26.12/class-mooauth-widget.php#L285"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3360768%40miniorange-login-with-eve-online-google-facebook\u0026new=3360768%40miniorange-login-with-eve-online-google-facebook\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-25T13:34:18.000Z",
"value": "Disclosed"
}
],
"title": "OAuth Single Sign On \u2013 SSO (OAuth Client) \u003c= 6.26.12 - Cross-Site Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10752",
"datePublished": "2025-09-26T01:47:27.527Z",
"dateReserved": "2025-09-19T20:37:57.485Z",
"dateUpdated": "2026-04-08T17:30:41.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7665 (GCVE-0-2025-7665)
Vulnerability from cvelistv5 – Published: 2025-09-19 12:27 – Updated: 2025-09-19 13:05
VLAI
Title
Miniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation
Summary
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'handle_mofirebase_form_options' function in versions 3.1.0 to 3.6.2. This makes it possible for unauthenticated attackers to update the default role to Administrator. Premium features must be enabled in order to exploit the vulnerability.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | Miniorange OTP Verification with Firebase |
Affected:
3.1.0 , ≤ 3.6.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7665",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T13:04:59.600598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:05:05.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Miniorange OTP Verification with Firebase",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "3.6.2",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kenneth Dunn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the \u0027handle_mofirebase_form_options\u0027 function in versions 3.1.0 to 3.6.2. This makes it possible for unauthenticated attackers to update the default role to Administrator. Premium features must be enabled in order to exploit the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T12:27:36.481Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9a02910-5674-4266-ab6e-7926bf6adecc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-firebase-sms-otp-verification/trunk/handler/forms/class-registrationform.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:13:56.000Z",
"value": "Disclosed"
}
],
"title": "Miniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7665",
"datePublished": "2025-09-19T12:27:36.481Z",
"dateReserved": "2025-07-14T21:34:58.243Z",
"dateUpdated": "2025-09-19T13:05:05.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9891 (GCVE-0-2025-9891)
Vulnerability from cvelistv5 – Published: 2025-09-17 01:53 – Updated: 2026-04-08 16:59
VLAI
Title
User Sync – Remote User Sync <= 1.0.2 - Cross-Site Request Forgery to Plugin Deactivation
Summary
The User Sync – Remote User Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the mo_user_sync_form_handler() function. This makes it possible for unauthenticated attackers to deactivate the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberlord92 | User Sync |
Affected:
0 , ≤ 1.0.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9891",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:09:20.554042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:09:26.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Sync",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "1.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Sync \u2013 Remote User Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the mo_user_sync_form_handler() function. This makes it possible for unauthenticated attackers to deactivate the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:59:00.382Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b60777e-6e07-42bd-9364-43367e209227?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-sync/tags/1.0.1/mo-user-sync-main.php#L118"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3360328%40user-sync\u0026new=3360328%40user-sync\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-16T13:49:44.000Z",
"value": "Disclosed"
}
],
"title": "User Sync \u2013 Remote User Sync \u003c= 1.0.2 - Cross-Site Request Forgery to Plugin Deactivation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-9891",
"datePublished": "2025-09-17T01:53:14.331Z",
"dateReserved": "2025-09-02T22:59:56.638Z",
"dateUpdated": "2026-04-08T16:59:00.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8420 (GCVE-0-2025-8420)
Vulnerability from cvelistv5 – Published: 2025-08-06 02:24 – Updated: 2026-04-08 16:56
VLAI
Title
Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution
Summary
Multiple plugins for WordPress by emarket-design with the 'emd-form-builder-lite' package are vulnerable to Remote Code Execution in various versions via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Assigner
References
9 references
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress |
Affected:
0 , ≤ 1.9.2
(semver)
|
|
| emarket-design | Request a Quote Form Plugin – Price Quote Request Management Made Easy |
Affected:
0 , ≤ 2.5.2
(semver)
|
|
| emarket-design | Video Gallery – YouTube Gallery & Responsive Video Playlist |
Affected:
0 , ≤ 3.5.2
(semver)
|
|
| emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact |
Affected:
0 , ≤ 4.0.2
(semver)
|
|
| emarket-design | Event RSVP and Simple Event Management Plugin |
Affected:
0 , ≤ 4.2.1
(semver)
|
|
| cyberlord92 | Employee Directory – Staff Directory and Listing |
Affected:
0 , ≤ 4.5.2
(semver)
|
|
| emarket-design | Project Management, Bug and Issue Tracking Plugin – Software Issue Manager |
Affected:
0 , ≤ 5.0.0
(semver)
|
|
| emarket-design | Customer Support Ticket System & Helpdesk Plugin for WordPress |
Affected:
0 , ≤ 6.0.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8420",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-06T13:36:13.606539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-06T13:36:32.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Campus Directory \u2013 Faculty, Staff \u0026 Student Directory Plugin for WordPress",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "1.9.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Request a Quote Form Plugin \u2013 Price Quote Request Management Made Easy",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "2.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Video Gallery \u2013 YouTube Gallery \u0026 Responsive Video Playlist",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "3.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Simple Contact Form Plugin for WordPress \u2013 WP Easy Contact",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Event RSVP and Simple Event Management Plugin",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "4.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Employee Directory \u2013 Staff Directory and Listing",
"vendor": "cyberlord92",
"versions": [
{
"lessThanOrEqual": "4.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Project Management, Bug and Issue Tracking Plugin \u2013 Software Issue Manager",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "5.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Customer Support Ticket System \u0026 Helpdesk Plugin for WordPress",
"vendor": "emarket-design",
"versions": [
{
"lessThanOrEqual": "6.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Mazzolini"
},
{
"lang": "en",
"type": "finder",
"value": "Youcef Hamdani"
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple plugins for WordPress by emarket-design with the \u0027emd-form-builder-lite\u0027 package are vulnerable to Remote Code Execution in various versions via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-95",
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:56:28.904Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/601aa2b5-aeac-49bc-960d-4b4ff83e9229?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3338854%40request-a-quote\u0026new=3338854%40request-a-quote\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3340992%40software-issue-manager\u0026new=3340992%40software-issue-manager\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3341064%40wp-ticket\u0026new=3341064%40wp-ticket\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3346435/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3346460/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3347084/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3348220%40wp-easy-events\u0026new=3348220%40wp-easy-events\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3365190%40youtube-showcase\u0026new=3365190%40youtube-showcase\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-31T14:51:03.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-08-05T13:47:52.000Z",
"value": "Disclosed"
}
],
"title": "Multiple Plugins by emarket-design \u003c= Multiple Versions - Unauthenticated Limited Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8420",
"datePublished": "2025-08-06T02:24:12.120Z",
"dateReserved": "2025-07-31T14:35:50.620Z",
"dateUpdated": "2026-04-08T16:56:28.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}