Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit f1ef2b20d162 · 2026-01-17T09:32:37.000Z
GHSA-39gg-vpq3-pjg4 GHSA-4qr6-cjv5-78xj GHSA-5x2v-mrh5-prvx GHSA-7cqg-9cwh-9w83 GHSA-7rjf-vvpp-3vfc GHSA-gp72-rgfw-gwgp GHSA-h4hg-xmrj-3c6w GHSA-hj72-p4c8-2pp4 GHSA-rp6q-fg2m-9fcv GHSA-v766-7x5c-f752
diff --git a/advisories/unreviewed/2026/01/GHSA-39gg-vpq3-pjg4/GHSA-39gg-vpq3-pjg4.json b/advisories/unreviewed/2026/01/GHSA-39gg-vpq3-pjg4/GHSA-39gg-vpq3-pjg4.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-39gg-vpq3-pjg4",
+  "modified": "2026-01-17T09:31:15Z",
+  "published": "2026-01-17T09:31:15Z",
+  "aliases": [
+    "CVE-2025-8615"
+  ],
+  "details": "The CubeWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cubewp_shortcode_taxonomy shortcode in all versions up to, and including, 1.1.26 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8615"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3362001#file10"
+    },
+    {
+      "type": "WEB",
+      "url": "https://wordpress.org/plugins/cubewp-framework/#developers"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/efc2baf0-38d9-44be-b439-3585b2f1d4a5?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T09:15:51Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-4qr6-cjv5-78xj/GHSA-4qr6-cjv5-78xj.json b/advisories/unreviewed/2026/01/GHSA-4qr6-cjv5-78xj/GHSA-4qr6-cjv5-78xj.json
@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4qr6-cjv5-78xj",
+  "modified": "2026-01-17T09:31:14Z",
+  "published": "2026-01-17T09:31:14Z",
+  "aliases": [
+    "CVE-2025-14478"
+  ],
+  "details": "The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE) in all versions up to, and including, 2.0.9 via the SVG file upload functionality. This makes it possible for authenticated attackers, with Author-level access and above, to achieve code execution in vulnerable configurations. This only impacts sites on versions of PHP older than 8.0.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14478"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/demo-importer-plus/tags/2.0.6/inc/importers/class-demo-importer-plus-sites-helper.php#L88"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/demo-importer-plus/trunk/inc/importers/class-demo-importer-plus-sites-helper.php#L88"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3439643/demo-importer-plus/trunk/inc/importers/class-demo-importer-plus-sites-helper.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2971aa0-8287-4142-bd04-7aec1ed92e7b?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-611"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T08:15:51Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-5x2v-mrh5-prvx/GHSA-5x2v-mrh5-prvx.json b/advisories/unreviewed/2026/01/GHSA-5x2v-mrh5-prvx/GHSA-5x2v-mrh5-prvx.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5x2v-mrh5-prvx",
+  "modified": "2026-01-17T09:31:15Z",
+  "published": "2026-01-17T09:31:15Z",
+  "aliases": [
+    "CVE-2025-10484"
+  ],
+  "details": "The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.1. This is due to the plugin not properly verifying a users identity prior to authenticating them via the fma_lwp_set_session_php_fun() function. This makes it possible for unauthenticated attackers to authenticate as any user on the site, including administrators, without a valid password.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10484"
+    },
+    {
+      "type": "WEB",
+      "url": "https://woocommerce.com/products/registration-login-with-mobile-phone-number"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6aef6fbb-be8c-49e1-ada5-7b4aa8b2ff72?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-288"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T09:15:50Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-7cqg-9cwh-9w83/GHSA-7cqg-9cwh-9w83.json b/advisories/unreviewed/2026/01/GHSA-7cqg-9cwh-9w83/GHSA-7cqg-9cwh-9w83.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7cqg-9cwh-9w83",
+  "modified": "2026-01-17T09:31:14Z",
+  "published": "2026-01-17T09:31:14Z",
+  "aliases": [
+    "CVE-2025-12129"
+  ],
+  "details": "The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the /cubewp-posts/v1/query-new and /cubewp-posts/v1/query REST API endpoints due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12129"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3422640/cubewp-framework/trunk/cube/classes/class-cubewp-rest-api.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2006dc4c-ec1a-45ab-94a3-1f86d80e70ca?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-200"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T08:15:50Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-7rjf-vvpp-3vfc/GHSA-7rjf-vvpp-3vfc.json b/advisories/unreviewed/2026/01/GHSA-7rjf-vvpp-3vfc/GHSA-7rjf-vvpp-3vfc.json
@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7rjf-vvpp-3vfc",
+  "modified": "2026-01-17T09:31:14Z",
+  "published": "2026-01-17T09:31:14Z",
+  "aliases": [
+    "CVE-2026-0833"
+  ],
+  "details": "The Team Section Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user-supplied social network link URLs. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0833"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/team-section/tags/1.1.0/build/render.php#L3"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/team-section/trunk/build/render.php#L3"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3436953%40team-section&new=3436953%40team-section&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6348b119-a0dc-40ef-ae62-1de86dcefac7?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T07:16:02Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-gp72-rgfw-gwgp/GHSA-gp72-rgfw-gwgp.json b/advisories/unreviewed/2026/01/GHSA-gp72-rgfw-gwgp/GHSA-gp72-rgfw-gwgp.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-gp72-rgfw-gwgp",
+  "modified": "2026-01-17T09:31:14Z",
+  "published": "2026-01-17T09:31:14Z",
+  "aliases": [
+    "CVE-2025-12984"
+  ],
+  "details": "The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 2.0.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12984"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/advanced-ads/tags/2.0.13/includes/admin/class-placement-list-table.php#L254"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3429511%40advanced-ads&new=3429511%40advanced-ads&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/729e8a06-abaa-4468-8a80-1e5c6cbace92?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T07:16:00Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-h4hg-xmrj-3c6w/GHSA-h4hg-xmrj-3c6w.json b/advisories/unreviewed/2026/01/GHSA-h4hg-xmrj-3c6w/GHSA-h4hg-xmrj-3c6w.json
@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-h4hg-xmrj-3c6w",
+  "modified": "2026-01-17T09:31:14Z",
+  "published": "2026-01-17T09:31:14Z",
+  "aliases": [
+    "CVE-2026-0691"
+  ],
+  "details": "The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'black_email' parameter in all versions up to, and including, 1.6.2. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0691"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/cm-email-blacklist/tags/1.6.2/backend/views/settings/email_blacklist.phtml#L67"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/cm-email-blacklist/trunk/backend/views/settings/email_blacklist.phtml#L67"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3440158%40cm-email-blacklist&new=3440158%40cm-email-blacklist&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/821f4ea9-bc25-4d65-9058-5b77c4f1b230?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T07:16:01Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-hj72-p4c8-2pp4/GHSA-hj72-p4c8-2pp4.json b/advisories/unreviewed/2026/01/GHSA-hj72-p4c8-2pp4/GHSA-hj72-p4c8-2pp4.json
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-hj72-p4c8-2pp4",
+  "modified": "2026-01-17T09:31:15Z",
+  "published": "2026-01-17T09:31:15Z",
+  "aliases": [
+    "CVE-2025-14078"
+  ],
+  "details": "The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.4.6. This is due to missing authorization checks on the paygent_check_webhook function combined with the paygent_permission_callback function unconditionally returning true on line 199. This makes it possible for unauthenticated attackers to manipulate payment callbacks and modify order statuses by sending forged payment notifications via the `/wp-json/paygent/v1/check/` endpoint.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14078"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/woocommerce-for-paygent-payment-main/tags/2.4.2/includes/gateways/paygent/class-wc-paygent-endpoint.php#L199"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/woocommerce-for-paygent-payment-main/trunk/includes/gateways/paygent/class-wc-paygent-endpoint.php#L199"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3432342%40woocommerce-for-paygent-payment-main&new=3432342%40woocommerce-for-paygent-payment-main&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3433179%40woocommerce-for-paygent-payment-main&new=3433179%40woocommerce-for-paygent-payment-main&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9de42bd9-a1d2-48f2-a594-4013a9490e25?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-17T09:15:51Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-rp6q-fg2m-9fcv/GHSA-rp6q-fg2m-9fcv.json b/advisories/unreviewed/2026/01/GHSA-rp6q-fg2m-9fcv/GHSA-rp6q-fg2m-9fcv.json
diff --git a/advisories/unreviewed/2026/01/GHSA-v766-7x5c-f752/GHSA-v766-7x5c-f752.json b/advisories/unreviewed/2026/01/GHSA-v766-7x5c-f752/GHSA-v766-7x5c-f752.json
