CVE-2025-62029
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in themesion Grevo grevo.This issue affects Grevo: from n/a through
Tagged: Cybersecurity Alert
CVE-2025-62042
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through
CVE-2025-62048
Missing Authorization vulnerability in WPMU DEV – Your All-in-One WordPress Platform SmartCrawl smartcrawl-seo.This issue affects SmartCrawl: from n/a through
CVE-2025-62052
Missing Authorization vulnerability in Horea Radu One Page Express Companion one-page-express-companion.This issue affects One Page Express Companion: from n/a through
CVE-2025-62054
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in favethemes Houzez Theme – Functionality houzez-theme-functionality.This issue affects Houzez Theme – Functionality: from n/a through
CVE-2025-62058
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in favethemes Houzez Theme – Functionality houzez-theme-functionality.This issue affects Houzez Theme – Functionality: from n/a through < 4.2.0. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/houzez-theme-functionality/vulnerability/wordpress-houzez-theme-functionality-plugin-4-2-0-cross-site-scripting-xss-vulnerability
CVE-2025-62024
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jonathan Jernigan Pie Calendar pie-calendar.This issue affects Pie Calendar: from n/a through
CVE-2025-62025
Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch.This issue affects JobSearch: from n/a through < 3.0.8. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/wp-jobsearch/vulnerability/wordpress-jobsearch-plugin-3-0-8-php-object-injection-vulnerability
CVE-2025-62015
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through
CVE-2025-62019
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor recipe-card-blocks-by-wpzoom.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through
CVE-2025-62020
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Infomaniak Network VOD Infomaniak vod-infomaniak.This issue affects VOD Infomaniak: from n/a through
CVE-2025-62021
Missing Authorization vulnerability in Made Neat Acknowledgify acknowledgify.This issue affects Acknowledgify: from n/a through
CVE-2025-62022
Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through
CVE-2025-62023
Improper Control of Generation of Code (‘Code Injection’) vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through