Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2025-69171

WordPress Orpheus theme <= 1.3 - Local File Inclusion vulnerability_CVE-2025-69171

Unauthenticated Local File Inclusion in Orpheus

ThemeREX Orpheus n/a CVE
HIGH 8.1 CVE-2025-69161

WordPress Snowy theme <= 1.13 - Local File Inclusion vulnerability_CVE-2025-69161

Unauthenticated Local File Inclusion in Snowy

ThemeREX Snowy n/a CVE
HIGH 8.1 CVE-2025-69148

WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability_CVE-2025-69148

Unauthenticated Local File Inclusion in Quirky

ThemeREX Quirky n/a CVE
HIGH 8.1 CVE-2025-69145

WordPress Gat theme <= 1.16 - Local File Inclusion vulnerability_CVE-2025-69145

Unauthenticated Local File Inclusion in Gat

ThemeREX Gat n/a CVE
HIGH 8.8 CVE-2025-69138

WordPress Genemy theme <= 1.6.6 - Privilege Escalation vulnerability_CVE-2025-69138

Subscriber Privilege Escalation in Genemy

Jthemes Genemy n/a CVE
HIGH 8.5 CVE-2025-69135

WordPress Events Schedule – WordPress Events Calendar Plugin plugin <= 2.7.2 - SQL Injection vulnerability_CVE-2025-69135

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin

CurlyThemes Events Schedule - WordPress Events Calendar Plugin n/a CVE
CRITICAL 10 CVE-2025-69129

WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Upload vulnerability_CVE-2025-69129

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site

Extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site n/a CVE
HIGH 8.1 CVE-2025-69117

WordPress Ingenioso theme <= 1.14.0 - Local File Inclusion vulnerability_CVE-2025-69117

Unauthenticated Local File Inclusion in Ingenioso

ThemeREX Ingenioso n/a CVE
HIGH 8.1 CVE-2025-69110

WordPress AirSupply theme <= 2.0.0 - Local File Inclusion vulnerability_CVE-2025-69110

Unauthenticated Local File Inclusion in AirSupply

ThemeREX AirSupply n/a CVE
HIGH 7.7 CVE-2025-60223

WordPress WPBot Pro WordPress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability_CVE-2025-60223

Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot

QuantumCloud WPBot Pro Wordpress Chatbot n/a CVE