WordPress

CVE-2026-1581 WordPress wpForo Forum Plugin is vulnerable to a high priority SQL Injection Overview Published: 2026-02-19 CVE-ID: CVE-2026-1581 CVSS: 7.5 Affected Plugin: WordPress wpForo Forum Plugin Affected Versions: <= 2.4.14 Vulnerability Type: High priority SQL Injection CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command. Description The wpForo Forum plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpfob’ parameter in all versions up to, and including, 2.4.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. ...

CVE-2026-0702 WordPress VidShop Plugin <= 1.1.4 is vulnerable to a high priority SQL Injection VidShop Plugin Vulnerable to SQL Injection Overview Published: 2026-01-28 CVE-ID: CVE-2026-0702 CVSS: 7.5 High Affected Plugin: VidShop Plugin Affected Versions: <= 1.1.4 Vulnerability Type: High priority SQL Injection CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command Description The VidShop – Shoppable Videos for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the ‘fields’ parameter in all versions up to, and including, 1.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. ...

CVE-2026-23550 WordPress Modular DS Plugin <= 2.5.1 is vulnerable to a high priority Privilege Escalation WordPress Modular DS Plugin Privilege Escalation Vulnerability Overview Published: 2026-01-14 CVE-ID: CVE-2026-23550 CVSS: 10.0 Critical (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) Affected Plugin: WordPress Modular DS Plugin Affected Versions: <= 2.5.1 Vulnerability Type: High priority Privilege Escalation CWE: CWE-266 Incorrect Privilege Assignment Description Incorrect Privilege Assignment vulnerability in Modular DS allows Privilege Escalation.This issue affects Modular DS: from n/a through 2.5.1. ...

CVE-2026-3459 WordPress Drag and Drop Multiple File Upload – Contact Form 7 Plugin <= 1.3.9.5 is vulnerable to a high priority Arbitrary File Upload Overview Published: 2026-03-05 CVE-ID: CVE-2026-3459 CVSS: 8.1 High Affected Plugin: Drag and Drop Multiple File Upload – Contact Form 7 Plugin Affected Versions: <= 1.3.9.5 Vulnerability Type: Arbitrary File Upload CWE: CWE-434 Unrestricted Upload of File with Dangerous Type Description The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible. This can be exploited if the form includes a multiple file upload field with ‘*’ as the accepted file type. ...

CVE-2026-2511 JS Help Desk – AI-Powered Support & Ticketing System <= 3.0.4 - Unauthenticated SQL Injection via ‘multiformid’ Parameter Overview Published: 2026-03-26 CVE-ID: CVE-2026-2511 CVSS: 7.5 High Affected Plugin: JS Help Desk – AI-Powered Support & Ticketing System Affected Versions: <= 3.0.4 Vulnerability Type: Unauthenticate SQL Injection CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command Description The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the multiformid parameter in the storeTickets() function in all versions up to, and including, 3.0.4. This is due to the user-supplied multiformid value being passed to esc_sql() without enclosing the result in quotes in the SQL query, rendering the escaping ineffective against payloads that do not contain quote characters. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. ...

CVE-2026-2232 Product Table and List Builder for WooCommerce Lite Vulnerable To Unauthenticated Time-Based SQL Injection via ‘search’ Parameter Overview Published: 2026-02-19 CVE-ID: CVE-2026-2232 CVSS: 7.5 High Affected Plugin: Product Table and List Builder for WooCommerce Lite Affected Versions: <= 4.6.2 Vulnerability Type: Unauthenticate Time-Based SQL Injection CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command Description The Product Table and List Builder for WooCommerce Lite plugin for WordPress is vulnerable to time-based SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. ...

WordPress HT Contact Form 7 Plugin <= 2.2.1 is vulnerable to a high priority Arbitrary File Upload Overview Published: 2025-07-15 CVE-ID: CVE-2025-7340 CVSS: 10 Critical Affected Plugin: WordPress HT Contact Form 7 Plugin Affected Versions: <= 2.2.1 Vulnerability Type: High priority Arbitrary File Upload CWE: CWE-434 Unrestricted Upload of File with Dangerous Type Description The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the temp_file_upload function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible. ...

CVE-2025-13329 File Uploader for WooCommerce <= 1.0.3 - Unauthenticated Arbitrary File Upload via add-image-data File Uploader for WooCommerce Plugin Overview Published: 2025-12-20 CVE-ID: CVE-2025-13329 Affected Plugin: File Uploader for WooCommerce Affected Versions: <= 1.0.3 Vulnerability Type: Unauthenticated Arbitrary File Upload via add-image-data CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type Description The File Uploader for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the callback function for the ‘add-image-data’ REST API endpoint in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to upload arbitrary files to the Uploadcare service and subsequently download them on the affected site’s server which may make remote code execution possible. ...

CVE-2025-68519 WordPress Brands for WooCommerce Plugin <= 3.8.6.3 is vulnerable to SQL Injection WordPress Brands for WooCommerce Plugin Overview Published: 2025-12-24 CVE ID: CVE-2025-68519 Affected Plugin: WordPress Brands for WooCommerce Affected Versions: <= 3.8.6.3 Vulnerability Type: SQL Injection vulnerability Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through <= 3.8.6.3. ...

WordPress Shipping Rate By Cities Plugin Overview CVE ID: CVE-2025-14770 Affected Plugin: Shipping Rate By Cities Affected Versions: ≤ 2.0.0 Vulnerability Type: Unauthenticated SQL Injection Attack Vector: Network Authentication Required: No Description The Shipping Rate By Cities WordPress plugin contains an unauthenticated SQL Injection vulnerability in versions up to 2.0.0. The issue originates from unsafe handling of the city parameter, which is concatenated directly into an SQL query without proper preparation. ...