CVE-2025-63029 | WC Lovers WCFM Marketplace Plugin up to 3.7.1 on WordPress sql injection

April 15, 2026 Yanac

A vulnerability was found in WC Lovers WCFM Marketplace Plugin up to 3.7.1 on WordPress. It has been rated as critical. Affected is an unknown function. This manipulation causes sql injection.

This vulnerability appears as CVE-2025-63029. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2026-6372 | Plisio Accept Cryptocurrencies with Plugin up to 2.0.5 on WordPress authorization
CVE-2026-30995 | Slah CMS up to 1.5.0 vereador_ver.php ID sql injection