CVE-2025-59586

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Portfolio penci-portfolio allows DOM-Based XSS.This issue affects Penci Portfolio: from n/a through = 3.5...

CVE-2025-59553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coderz Studio Custom iFrame for Elementor custom-iframe allows DOM-Based XSS.This issue affects Custom iFrame for Elementor: from n/a through = 1.0.13...

CVE-2025-58654

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michel - xiligroup dev xili-language xili-language allows DOM-Based XSS.This issue affects xili-language: from n/a through = 2.21.3...

CVE-2025-58241

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in snapwidget SnapWidget Social Photo Feed Widget snapwidget-wp-instagram-widget allows DOM-Based XSS.This issue affects SnapWidget Social Photo Feed Widget: from n/a through = 1.1.0...

CVE-2025-58233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through = 2.3.7.2...

CVE-2025-58230

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes ZoloBlocks zoloblocks allows DOM-Based XSS.This issue affects ZoloBlocks: from n/a through = 2.3.12...

CVE-2025-58232

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ickata Image Editor by Pixo image-editor-by-pixo allows DOM-Based XSS.This issue affects Image Editor by Pixo: from n/a through = 2.3.8...

CVE-2025-58220

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Techeshta Card Elements for WPBakery card-elements-for-wpbakery allows DOM-Based XSS.This issue affects Card Elements for WPBakery: from n/a through = 1.0.8...

CVE-2025-58002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD bbPress Tools gd-bbpress-tools allows DOM-Based XSS.This issue affects GD bbPress Tools: from n/a through = 3.5.3...

CVE-2025-57999

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows DOM-Based XSS.This issue affects WPKoi Templates for Elementor: from n/a through = 3.4.3...

CVE-2025-57953

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-57954

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Poll Maker poll-maker allows DOM-Based XSS.This issue affects Poll Maker: from n/a through = 6.0.2...

CVE-2025-57947

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Photo Gallery by Ays gallery-photo-gallery allows DOM-Based XSS.This issue affects Photo Gallery by Ays: from n/a through = 6.3.8...

CVE-2025-59553 WordPress Custom iFrame for Elementor Plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coderz Studio Custom iFrame for Elementor custom-iframe allows DOM-Based XSS.This issue affects Custom iFrame for Elementor: from n/a through = 1.0.13...

CVE-2025-59583 WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows DOM-Based XSS.This issue affects Penci Filter Everything: from n/a through 1.7...

CVE-2025-59583

CVE-2025-59583 affects the Penci Filter Everything WordPress plugin (PenciFilter Everything, penci-filter-everything) with a DOM-based XSS flaw caused by improper input neutralization during web page generation in versions

CVE-2025-59583 WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows DOM-Based XSS.This issue affects Penci Filter Everything: from n/a through 1.7...

CVE-2025-59584

CVE-2025-59584 is a DOM-based XSS in the Penci Podcast WordPress plugin. The vulnerability arises from improper neutralization of user-controlled input during web page generation, enabling cross-site scripting. It affects Penci Podcast versions up to 1.6 (and was patched in a later release). Expl...

CVE-2025-59584 WordPress Penci Podcast Plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Podcast allows DOM-Based XSS. This issue affects Penci Podcast: from n/a through 1.6...

CVE-2025-59584 WordPress Penci Podcast Plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Podcast penci-podcast allows DOM-Based XSS.This issue affects Penci Podcast: from n/a through = 1.6...