CVE-2025-22660

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wolfgang Include Mastodon Feed include-mastodon-feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through = 1.9.9...

CVE-2025-22660 WordPress Include Mastodon Feed plugin <= 1.9.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wolfgang Include Mastodon Feed include-mastodon-feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through = 1.9.9...

CVE-2025-22660

CVE-2025-22660 — WordPress plugin Include Mastodon Feed (up to 1.9.9) is affected by a DOM-based XSS vulnerability due to improper input handling. Connected sources confirm the issue and indicate a patch has been released; updating to a fixed release (greater than 1.9.9) is the advised remediatio...

CVE-2025-26738

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Graham Quick Interest Slider quick-interest-slider allows DOM-Based XSS.This issue affects Quick Interest Slider: from n/a through = 3.1.5...

CVE-2025-26732

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in burgersoftware StoreBiz storebiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through = 1.0.32...

CVE-2025-26737

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in yudleethemes City Store allows DOM-Based XSS.This issue affects City Store: from n/a through 1.4.5...

CVE-2025-22816

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetrendy Power Mag power-mag allows DOM-Based XSS.This issue affects Power Mag: from n/a through = 1.1.5...

CVE-2025-22816

CVE-2025-22816 refers to a WordPress Power Mag theme vulnerability (Power Mag &lt;= 1.1.5) with a DOM-based XSS due to improper input neutralization during web page generation. Affected software: Power Mag theme for WordPress (Power Mag: from n/a through 1.1.5). Root cause: inadequate sanitizatio...

CVE-2025-26732

CVE-2025-26732 (StoreBiz) is an authenticated, stored XSS vulnerability in the StoreBiz WordPress plugin (

CVE-2025-26732 WordPress StoreBiz plugin <= 1.0.32 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in burgersoftware StoreBiz storebiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through = 1.0.32...

CVE-2025-26732 WordPress StoreBiz plugin <= 1.0.32 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in burgersoftware StoreBiz storebiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through = 1.0.32...

CVE-2025-26737 WordPress City Store theme <= 1.4.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in yudleethemes City Store allows DOM-Based XSS.This issue affects City Store: from n/a through 1.4.5...

CVE-2025-26737

Technical details for CVE-2025-26737 (City Store XSS) are not provided in the connected documents. Public information in the initial entry is limited to basic description and CVSS context. Monitor for official updates or vendor advisories for fixes and affected versions.

CVE-2025-26737 WordPress City Store theme <= 1.4.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in yudleethemes City Store allows DOM-Based XSS.This issue affects City Store: from n/a through 1.4.5...

CVE-2025-26738

CVE-2025-26738 is a DOM-based XSS vulnerability in the Quick Interest Slider WordPress plugin. The vulnerability is described as Improper Neutralization of Input During Web Page Generation (XSS) and is associated with Quick Interest Slider versions from n/a through 3.1.3. The connected Wordfence ...

CVE-2025-26738 WordPress Quick Interest Slider plugin <= 3.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Graham Quick Interest Slider quick-interest-slider allows DOM-Based XSS.This issue affects Quick Interest Slider: from n/a through = 3.1.5...

CVE-2025-30907

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SecuPress SecuPress Free secupress allows DOM-Based XSS.This issue affects SecuPress Free: from n/a through = 2.2.5.3...

CVE-2025-30903

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Mills SyntaxHighlighter Evolved syntaxhighlighter allows DOM-Based XSS.This issue affects SyntaxHighlighter Evolved: from n/a through = 3.7.1...

CVE-2025-30907

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SecuPress SecuPress Free allows DOM-Based XSS. This issue affects SecuPress Free: from n/a through 2.2.5.3...

CVE-2025-30893

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LeadConnector LeadConnector leadconnector allows DOM-Based XSS.This issue affects LeadConnector: from n/a through = 3.0.2...