Refine your search
5 vulnerabilities found for by roxnor
CVE-2025-63057 (GCVE-0-2025-63057)
Vulnerability from cvelistv5
Published
2025-12-09 14:52
Modified
2025-12-09 16:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Roxnor | Wp Ultimate Review |
Version: n/a < |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-63057",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T16:49:32.521060Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T16:50:09.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-ultimate-review",
"product": "Wp Ultimate Review",
"vendor": "Roxnor",
"versions": [
{
"lessThanOrEqual": "\u003c= 2.3.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "zaim | Patchstack Bug Bounty Program"
}
],
"datePublic": "2025-12-09T15:51:09.226Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.\u003cp\u003eThis issue affects Wp Ultimate Review: from n/a through \u003c= 2.3.6.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.This issue affects Wp Ultimate Review: from n/a through \u003c= 2.3.6."
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "DOM-Based XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T14:52:32.998Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/wp-ultimate-review/vulnerability/wordpress-wp-ultimate-review-plugin-2-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Wp Ultimate Review plugin \u003c= 2.3.6 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-63057",
"datePublished": "2025-12-09T14:52:32.998Z",
"dateReserved": "2025-10-24T14:26:32.478Z",
"dateUpdated": "2025-12-09T16:50:09.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13620 (GCVE-0-2025-13620)
Vulnerability from cvelistv5
Published
2025-12-05 10:57
Modified
2025-12-05 12:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to missing authorization in versions up to, and including, 3.1.3. This is due to the REST routes wslu/v1/check_cache/{type}, wslu/v1/save_cache/{type}, and wslu/v1/settings/clear_counter_cache being registered with permission_callback set to __return_true and lacking capability or nonce validation in their handlers. This makes it possible for unauthenticated attackers to clear or overwrite the social counter cache via crafted REST requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| roxnor | Wp Social Login and Register Social Counter |
Version: * ≤ 3.1.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T12:21:45.363829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T12:21:58.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wp Social Login and Register Social Counter",
"vendor": "roxnor",
"versions": [
{
"lessThanOrEqual": "3.1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to missing authorization in versions up to, and including, 3.1.3. This is due to the REST routes wslu/v1/check_cache/{type}, wslu/v1/save_cache/{type}, and wslu/v1/settings/clear_counter_cache being registered with permission_callback set to __return_true and lacking capability or nonce validation in their handlers. This makes it possible for unauthenticated attackers to clear or overwrite the social counter cache via crafted REST requests."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T10:57:55.576Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4fa205d7-61ce-4ab9-b532-fd0b46b0f6a0?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3402340/wp-social/tags/3.1.4/inc/admin-rest-api.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-24T20:59:48.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-04T21:44:40.000+00:00",
"value": "Disclosed"
}
],
"title": "Wp Social Login and Register Social Counter \u003c= 3.1.3 - Missing Authorization in Cache REST Endpoints to Social Counter Tampering"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13620",
"datePublished": "2025-12-05T10:57:55.576Z",
"dateReserved": "2025-11-24T20:43:17.834Z",
"dateUpdated": "2025-12-05T12:21:58.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12358 (GCVE-0-2025-12358)
Vulnerability from cvelistv5
Published
2025-12-03 12:29
Modified
2025-12-03 13:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation on the "post_add_to_list" function as well as an incorrect permissions callback in the "Api/init" function. This makes it possible for unauthenticated attackers to add or remove products from a user's wishlist via a forged request granted they can trick a site's user into performing an action such as clicking on a link.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| roxnor | ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution |
Version: * ≤ 4.8.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T13:58:26.093699Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T13:58:46.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution",
"vendor": "roxnor",
"versions": [
{
"lessThanOrEqual": "4.8.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adrian Lukita"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation on the \"post_add_to_list\" function as well as an incorrect permissions callback in the \"Api/init\" function. This makes it possible for unauthenticated attackers to add or remove products from a user\u0027s wishlist via a forged request granted they can trick a site\u0027s user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T12:29:55.836Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ed605a1-9544-4b53-8d62-ad89214a4fb8?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3401226/shopengine"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-14T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-10-27T16:26:34.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-02T23:42:11.000+00:00",
"value": "Disclosed"
}
],
"title": "ShopEngine \u003c= 4.8.5 - Cross-Site Request Forgery to Wishlist Manipulation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12358",
"datePublished": "2025-12-03T12:29:55.836Z",
"dateReserved": "2025-10-27T16:10:11.719Z",
"dateUpdated": "2025-12-03T13:58:46.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11888 (GCVE-0-2025-11888)
Vulnerability from cvelistv5
Published
2025-10-25 05:31
Modified
2025-10-27 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the post_deactive() function and post_activate() function in all versions up to, and including, 4.8.4. This makes it possible for authenticated attackers, with Editor-level access and above, to activate and deactivate licenses.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| roxnor | ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution |
Version: * ≤ 4.8.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T16:00:21.993915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T16:00:31.674Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution",
"vendor": "roxnor",
"versions": [
{
"lessThanOrEqual": "4.8.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the post_deactive() function and post_activate() function in all versions up to, and including, 4.8.4. This makes it possible for authenticated attackers, with Editor-level access and above, to activate and deactivate licenses."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-25T05:31:21.952Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7bdadc84-0cfb-4bec-aeb9-f59f205d269b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3381211/shopengine/tags/4.8.5/libs/license/license-route.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-16T18:58:03.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-24T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution \u003c= 4.8.4 - Incorrect Authorization to Authenticated (Editor+) License Status Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11888",
"datePublished": "2025-10-25T05:31:21.952Z",
"dateReserved": "2025-10-16T18:42:51.068Z",
"dateUpdated": "2025-10-27T16:00:31.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10861 (GCVE-0-2025-10861)
Vulnerability from cvelistv5
Published
2025-10-24 11:25
Modified
2025-10-24 12:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Summary
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4. This is due to insufficient validation on the URLs supplied via the URL parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services, as well as conduct network reconnaissance. The vulnerability was partially patched in version 2.1.4.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| roxnor | Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers |
Version: * ≤ 2.1.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T12:18:58.704704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T12:29:54.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers",
"vendor": "roxnor",
"versions": [
{
"lessThanOrEqual": "2.1.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rafshanzani Suhada"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4. This is due to insufficient validation on the URLs supplied via the URL parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services, as well as conduct network reconnaissance. The vulnerability was partially patched in version 2.1.4."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T11:25:45.885Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f4767b5-5dd6-4a2a-b44a-5297432286b1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/popup-builder-block/tags/2.1.2/includes/Routes/FetchDemo.php#L35"
},
{
"url": "https://plugins.trac.wordpress.org/browser/popup-builder-block/tags/2.1.2/includes/Routes/FetchDemo.php#L15"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3369146/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3379308/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-22T23:31:57.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-23T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers \u003c= 2.1.4 - Unauthenticated Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10861",
"datePublished": "2025-10-24T11:25:45.885Z",
"dateReserved": "2025-09-22T22:56:11.517Z",
"dateUpdated": "2025-10-24T12:29:54.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}