CVE-2025-13386 | Social Images Widget Plugin up to 2.1 on WordPress options_update authorization

November 25, 2025 Yanac

A vulnerability marked as critical has been reported in Social Images Widget Plugin up to 2.1 on WordPress. This impacts the function options_update. This manipulation causes missing authorization.

This vulnerability appears as CVE-2025-13386. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-13404 | atec Duplicate Page & Post Plugin up to 1.2.20 on WordPress duplicate_post authorization
CVE-2025-12525 | Locker Content Plugin up to 1.0.0 on WordPress AJAX Endpoint lockerco_submit_post information disclosure