CVE-2025-62750

CVE-2025-62750 is a DOM-based XSS vulnerability in the WooCommerce Parcelas plugin for WordPress, affecting versions from n/a up to and including 1.3.5. The description specifies improper input neutralization during web page generation, leading to cross-site scripting via the DOM. The connected d...

CVE-2025-62750 WordPress WooCommerce Parcelas plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filipe Seabra WooCommerce Parcelas allows DOM-Based XSS.This issue affects WooCommerce Parcelas: from n/a through 1.3.5...

CVE-2025-62097 WordPress SEO Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SEOthemes SEO Slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through 1.1.1...

CVE-2025-62097

CVE-2025-62097 — SEO Slider (SEOthemes) WordPress plugin suffers a DOM-based XSS due to improper input neutralization during page generation. The vulnerability is reported as an authenticated (Contributor+ or higher) Stored Cross-Site Scripting, with CVSS v3.1 base score 6.5 (MEDIUM). Wordfence n...

CVE-2025-62748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through = 1.5...

CVE-2025-62749

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content user-specific-content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through = 1.0.6...

CVE-2025-62752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...

CVE-2025-62748

CVE-2025-62748 affects Web and WooCommerce Addons for WPBakery Builder. The connected vulnerability listing identifies it as an Unauthenticated Cross-Site Scripting issue in the add-on (version range: up to 1.5). The initial description describes a DOM/JS-based XSS scenario, while the Wordfence e...

CVE-2025-49358 WordPress Content Fetcher plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ruhul Amin Content Fetcher content-fetcher allows DOM-Based XSS.This issue affects Content Fetcher: from n/a through = 1.1...

CVE-2025-49358

Content Fetcher (WordPress plugin) has CVE-2025-49358: an authenticated (Contributor+) Stored Cross-Site Scripting vulnerability affecting Content Fetcher

EUVD-2025-205924

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ruhul Amin Content Fetcher allows DOM-Based XSS.This issue affects Content Fetcher: from n/a through 1.1...

CVE-2025-62749 WordPress User Specific Content plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6...

CVE-2025-62749 WordPress User Specific Content plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content user-specific-content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through = 1.0.6...

EUVD-2025-205925

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6...

CVE-2025-62752

CVE-2025-62752 is a DOM/Stored XSS vulnerability in the Calendar.online / Kalender.digital WordPress plugin (affected: Calendar.online / Kalender.digital

CVE-2025-62752 WordPress Calendar.online / Kalender.digital plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...

EUVD-2025-205917

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.Digital Calendar.Online / Kalender.Digital allows DOM-Based XSS.This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.11...

CVE-2025-62135

CVE-2025-62135 affects the WordPress plugin Responsive Block Control (

CVE-2025-62756 WordPress The Moneytizer plugin <= 10.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through = 10.0.9...

EUVD-2025-205920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...