4382 matches found
CVE-2025-31455
CVE-2025-31455 affects the WordPress plugin Limit Max IPs Per User. It manifests as a Reflected Cross-Site Scripting (XSS) in web page generation, enabling DOM/ reflected code execution. Affected range listed as up to version 1.5; patch status in the connected data indicates Unpatched as of 2025-...
CVE-2025-31885
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daniel Floeter Hyperlink Group Block hyperlink-group-block allows DOM-Based XSS.This issue affects Hyperlink Group Block: from n/a through = 2.0.1...
CVE-2025-31875
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluginic FancyPost post-block allows DOM-Based XSS.This issue affects FancyPost: from n/a through = 6.0.1...
CVE-2025-31847
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelooks mFolio Lite mfolio-lite allows DOM-Based XSS.This issue affects mFolio Lite: from n/a through = 1.2.3...
CVE-2025-31838
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in eventbee Eventbee RSVP Widget eventbee-rsvp-widget allows DOM-Based XSS.This issue affects Eventbee RSVP Widget: from n/a through = 1.0...
CVE-2025-31835
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brice Capobianco WP Plugin Info Card wp-plugin-info-card allows DOM-Based XSS.This issue affects WP Plugin Info Card: from n/a through = 5.3.0...
CVE-2025-31829
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in devscred ShopCred shopcred allows DOM-Based XSS.This issue affects ShopCred: from n/a through = 1.3.0...
CVE-2025-31817
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPWheels BlockWheels blockwheels allows DOM-Based XSS.This issue affects BlockWheels: from n/a through = 1.0.2...
CVE-2025-31790
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Binsaifullah Posten posten-post-blocks allows DOM-Based XSS.This issue affects Posten: from n/a through = 0.0.1...
CVE-2025-31760
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in snapwidget SnapWidget Social Photo Feed Widget snapwidget-wp-instagram-widget allows DOM-Based XSS.This issue affects SnapWidget Social Photo Feed Widget: from n/a through = 1.1.0...
CVE-2025-31741
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filtr8 Easy Magazine filtr8-magazine allows DOM-Based XSS.This issue affects Easy Magazine: from n/a through = 2.1.13...
CVE-2025-31747
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...
CVE-2025-31734
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Simple Post Expiration simple-post-expiration allows DOM-Based XSS.This issue affects Simple Post Expiration: from n/a through = 1.0.1...
CVE-2025-31885 WordPress Hyperlink Group Block plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daniel Floeter Hyperlink Group Block allows DOM-Based XSS. This issue affects Hyperlink Group Block: from n/a through 2.0.1...
CVE-2025-31885
CVE-2025-31885 concerns the Hyperlink Group Block WordPress plugin. The vulnerability affects Hyperlink Group Block, version 2.0.1 and earlier, with an authenticated (Contributor+) cross-site scripting flaw. The CVE description identifies a Cross-Site Scripting issue (documented as DOM-Based XSS ...
CVE-2025-31885 WordPress Hyperlink Group Block plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daniel Floeter Hyperlink Group Block hyperlink-group-block allows DOM-Based XSS.This issue affects Hyperlink Group Block: from n/a through = 2.0.1...
CVE-2025-31875 WordPress FancyPost plugin <= 6.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluginic FancyPost post-block allows DOM-Based XSS.This issue affects FancyPost: from n/a through = 6.0.1...
CVE-2025-31875 WordPress FancyPost plugin <= 6.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluginic FancyPost allows DOM-Based XSS. This issue affects FancyPost: from n/a through 6.0.1...
CVE-2025-31847 WordPress mFolio Lite plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelooks mFolio Lite mfolio-lite allows DOM-Based XSS.This issue affects mFolio Lite: from n/a through = 1.2.3...
CVE-2025-31847
CVE-2025-31847 affects mFolio Lite (WordPress)