May 8, 2025
Severity
Medium
Analysis Summary
CVE-2025-47491 CVSS:7.4
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross Site Request Forgery. This issue affects Contact Form Widget: from n/a through 1.4.6.
CVE-2025-47490 CVSS:8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rustaurius Ultimate WP Mail allows SQL Injection. This issue affects Ultimate WP Mail: from n/a through 1.3.4.
CVE-2025-47494 CVSS:7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashan Perera EventON allows PHP Local File Inclusion. This issue affects EventON: from n/a through 2.4.1.
CVE-2025-47496 CVSS:7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress PublishPress Authors allows PHP Local File Inclusion. This issue affects PublishPress Authors: from n/a through 4.7.5.
CVE-2025-47498 CVSS:7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking allows PHP Local File Inclusion. This issue affects Hotel Booking: from n/a through 3.6.
Impact
- Cross-Site Scripting
- Data Manipulation
- Gain Access
Indicators of Compromise
CVE
CVE-2025-47491
CVE-2025-47490
CVE-2025-47494
CVE-2025-47496
CVE-2025-47498
Affected Vendors
- WordPress
Affected Products
- PublishPress PublishPress Authors - n/a
- A WP Life Contact Form Widget - n/a
- Rustaurius Ultimate WP Mail - n/a
- Ashan Perera EventON - n/a
- nicdark Hotel Booking - n/a
Remediation
Update each affected WordPress plugin to the latest available version.