ByteOS Network

WordLift

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-53582

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.03% / 7.97%

7 Day CHG~0.00%

Published-14 Aug, 2025 | 18:21

Updated-15 Aug, 2025 | 13:12

WordPress WordLift Plugin <= 3.54.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordLift WordLift allows Stored XSS. This issue affects WordLift: from n/a through 3.54.5.

Vendor-WordLift

Product-WordLift

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2025-30624

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.04% / 10.65%

7 Day CHG~0.00%

Published-06 Jun, 2025 | 12:54

Updated-06 Jun, 2025 | 16:02

WordPress WordLift <= 3.54.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in WordLift WordLift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordLift: from n/a through 3.54.4.

Vendor-WordLift

Product-WordLift

CWE ID-CWE-862

Missing Authorization