CVE-2025-9114 | Doccure Plugin up to 1.4.8 on WordPress Password Change Remote Code Execution

September 8, 2025 Yanac

A vulnerability has been found in Doccure Plugin up to 1.4.8 on WordPress and classified as critical. Impacted is an unknown function of the component Password Change Handler. This manipulation causes Remote Code Execution.

This vulnerability appears as CVE-2025-9114. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-9112 | Doccure Plugin up to 1.4.8 on WordPress doccure_temp_file_uploader unrestricted upload
CVE-2025-41682 | Bender CC612/CC613/ICC16xx/ICC13xx up to 5.33.2 insufficiently protected credentials (VDE-2025-061)