Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseCVE-2025-1405
CVE-2025-1405:
WordPress vulnerability analysis and mitigation
Overview
The CVE-2025-1405 is a vulnerability reported in the Product Catalog Simple WordPress plugin. The vulnerability was discovered and disclosed on February 27, 2025. The affected software is Product Catalog Simple plugin version 1.8.0 and potentially earlier versions (WordPress Plugin).
Technical details
The vulnerability is related to security issues with the show_products block parameters. The issue involves improper escaping of parameters in the plugin's functionality (WordPress Plugin).
Impact
While specific impact details are limited in the available sources, the vulnerability could potentially affect WordPress installations using the Product Catalog Simple plugin. The issue is significant enough to warrant a security fix in version 1.8.0 (WordPress Plugin).
Mitigation and workarounds
Users are advised to update to Product Catalog Simple version 1.8.0 or later, which includes the security fix for properly escaping all show_products block parameters (WordPress Plugin).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management