Medium - CVE-2025-6059 - The Seraphinite Accelerator plugin for...
The Seraphinite Accelerator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.27.21. This is due to missing or incorrect nonce validation on...
High - CVE-2025-3234 - The File Manager Pro – Filester plugin for...
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.8.8. This makes it possible...
High - CVE-2025-5487 - The AutomatorWP – Automator plugin for no-code...
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the field_conditions...