Khaled Alenazi

49 exploits Active since Mar 2024
CVE-2025-3102 NOMISEC HIGH WORKING POC
SureTriggers - All-in-One Automation Platform < 1.0.78 - Authentication Bypass
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.
8 stars
CVSS 8.1
CVE-2025-2266 NOMISEC CRITICAL WORKING POC
Checkout Mestres do WP for WooCommerce <8.7.5 - Privilege Escalation
The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
8 stars
CVSS 9.8
CVE-2025-3776 NOMISEC HIGH WORKING POC
WordPress <1.5 - RCE
The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvr_ajax_handler' function. This is due to a lack of validation on the type of function that can be called. This makes it possible for unauthenticated attackers to execute any callable function on the site, such as phpinfo().
7 stars
CVSS 8.3
CVE-2025-1306 NOMISEC HIGH WORKING POC
Spicethemes Newscrunch < 1.8.4.1 - CSRF
The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.4. This is due to missing or incorrect nonce validation on the newscrunch_install_and_activate_plugin() function. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
4 stars
CVSS 8.8
CVE-2025-39436 NOMISEC CRITICAL WORKING POC
aidraw I Draw <1.0 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw idraw allows Using Malicious Files.This issue affects I Draw: from n/a through <= 1.0.
3 stars
CVSS 9.1
CVE-2025-2294 NOMISEC CRITICAL WORKING POC
Kubio AI Page Builder <2.5.1 - Local File Inclusion
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
3 stars
CVSS 9.8
CVE-2025-3102 NOMISEC HIGH WORKING POC
SureTriggers - All-in-One Automation Platform < 1.0.78 - Authentication Bypass
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.
2 stars
CVSS 8.1
CVE-2025-3605 NOMISEC CRITICAL WORKING POC
Frontend Login & Registration Blocks <1.0.7 - Privilege Escalation
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
2 stars
CVSS 9.8
CVE-2025-1304 NOMISEC HIGH WORKING POC
Spicethemes Newsblogger < 0.2.5.2 - Missing Authorization
The NewsBlogger theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the newsblogger_install_and_activate_plugin() function in all versions up to, and including, 0.2.5.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
2 stars
CVSS 8.8
CVE-2025-1307 NOMISEC CRITICAL WORKING POC
Spicethemes Newscrunch < 1.8.4.1 - Missing Authorization
The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunch_install_and_activate_plugin() function in all versions up to, and including, 1.8.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
2 stars
CVSS 9.8
CVE-2025-32206 NOMISEC CRITICAL WORKING POC
LABCAT Processing Projects <1.0.2 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects processing-projects allows Upload a Web Shell to a Web Server.This issue affects Processing Projects: from n/a through <= 1.0.2.
2 stars
CVSS 9.1
CVE-2024-51788 NOMISEC CRITICAL WORKING POC
The Novel Design Store Directory <4.3.0 - Unrestricted Upload of Fi...
Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Wolfe The Novel Design Store Directory noveldesign-store-directory allows Upload a Web Shell to a Web Server.This issue affects The Novel Design Store Directory: from n/a through <= 4.3.0.
2 stars
CVSS 10.0
CVE-2024-6132 NOMISEC HIGH WORKING POC
Pexels: Free Stock Photos <1.2.2 - File Upload
The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
2 stars
CVSS 8.8
CVE-2025-3604 NOMISEC CRITICAL WORKING POC
Flynax Bridge < 2.2.0 - Missing Authorization
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
1 stars
CVSS 9.8
CVE-2025-30772 NOMISEC HIGH WORKING POC
WPClever WPC Smart Upsell Funnel for WooCommerce <3.0.4 - Missing Authorization
Missing Authorization vulnerability in WPClever WPC Smart Upsell Funnel for WooCommerce wpc-smart-upsell-funnel allows Privilege Escalation.This issue affects WPC Smart Upsell Funnel for WooCommerce: from n/a through <= 3.0.4.
1 stars
CVSS 8.8
CVE-2025-32118 NOMISEC CRITICAL WORKING POC
NiteoThemes CMP - Unrestricted Upload
Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP – Coming Soon & Maintenance: from n/a through <= 4.1.14.
1 stars
CVSS 9.1
CVE-2025-28915 NOMISEC CRITICAL WORKING POC
ThemeEgg ToolKit <1.2.9 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through <= 1.2.9.
1 stars
CVSS 9.1
CVE-2025-32579 NOMISEC CRITICAL WORKING POC
SoftClever Limited Sync Posts <1.0 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through <= 1.0.
1 stars
CVSS 9.9
CVE-2025-39601 NOMISEC CRITICAL WORKING POC
WPFactory Custom CSS, JS & PHP <2.4.1 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through <= 2.4.1.
1 stars
CVSS 9.6
CVE-2025-39596 NOMISEC CRITICAL WORKING POC
Quentn WP <1.2.8 - Privilege Escalation
Weak Authentication vulnerability in Quentn.com GmbH Quentn WP quentn-wp allows Privilege Escalation.This issue affects Quentn WP: from n/a through <= 1.2.8.
1 stars
CVSS 9.8
CVE-2025-25101 NOMISEC CRITICAL WORKING POC
MetricThemes Munk Sites <1.0.8 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in MetricThemes Munk Sites munk-sites allows Cross Site Request Forgery.This issue affects Munk Sites: from n/a through <= 1.0.7.
1 stars
CVSS 9.6
CVE-2024-51793 NOMISEC CRITICAL WORKING POC
Webful Creations Computer Repair Shop <3.8115 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Upload a Web Shell to a Web Server.This issue affects RepairBuddy: from n/a through <= 3.8115.
1 stars
CVSS 10.0
CVE-2024-49668 NOMISEC CRITICAL WORKING POC
Verbalize WP - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in christopherdewese1099 Verbalize WP verbalize-wp allows Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from n/a through <= 1.0.
1 stars
CVSS 10.0
CVE-2024-50492 NOMISEC HIGH WORKING POC
Scottpaterson Scottcart < 1.1 - Code Injection
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson ScottCart scottcart allows Code Injection.This issue affects ScottCart: from n/a through <= 1.1.
1 stars
CVSS 8.3
CVE-2024-56249 NOMISEC CRITICAL WORKING POC
Webdeclic WPMasterToolKit <1.13.1 - Code Injection
Unrestricted Upload of File with Dangerous Type vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through <= 1.13.1.
1 stars
CVSS 9.1