CVE-2022-2446 — CVSS 7.2 (high): The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'current_theme_root' parameter in versions…
CVE-2021-24151 — CVSS 7.2 (high): The WP Editor WordPress plugin before 1.2.7 did not sanitise or validate its setting fields leading to an authenticated (admin+) blind SQL…
CVE-2025-3294 — CVSS 7.2 (high): The WP Editor plugin for WordPress is vulnerable to arbitrary file update due to missing file path validation in all versions up to, and…
CVE-2024-25591 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a…
CVE-2025-3295 — CVSS 4.9 (medium): The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it…