Analysis Summary

CVE-2025-0912 CVSS:9.8

The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.4 via deserialization of untrusted input from the Donation Form through the 'card_address' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.

CVE-2024-11951 CVSS:9.8

The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.0. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.

CVE-2024-12281 CVSS:9.8

The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.2. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the Editor or Shop Manager role.

CVE-2025-1702 CVSS:7.5

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

Impact

• Privilege Escalation
• Data Manipulation
• Code Execution

Indicators of Compromise

CVE

• CVE-2025-0912

• CVE-2024-11951

• CVE-2024-12281

• CVE-2025-1702

Affected Vendors

Remediation

Update the WordPress plugin to the latest available version.

CVE-2025-0912

CVE-2024-11951

CVE-2024-12281

CVE-2025-1702