| 2025-03-19 | CVE-2024-13442 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0. network low complexity CWE-288 critical | 9.8 |
| 2025-03-14 | CVE-2024-13771 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. | 5.9 |
| 2025-03-14 | CVE-2024-13772 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. | 5.9 |
| 2025-03-14 | CVE-2024-11286 | The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. network low complexity CWE-288 critical | 9.8 |
| 2025-03-12 | CVE-2024-13446 | The Workreap plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.2.5. network low complexity CWE-288 critical | 9.8 |
| 2025-03-07 | CVE-2024-9658 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Dasinfomedia School Management System
The School Management System for Wordpress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 93.0.0. | 8.8 |
| 2025-03-07 | CVE-2025-1315 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Sfwebservice Injob
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. | 9.8 |
| 2025-03-07 | CVE-2025-0749 | The Homey theme for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.3. | 8.1 |
| 2025-03-05 | CVE-2025-1515 | The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8. network low complexity CWE-288 critical | 9.8 |
| 2025-03-01 | CVE-2025-1564 | The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. network low complexity CWE-288 critical | 9.8 |