CVE-2025-68499

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through = 2.2.12...

CVE-2025-66103

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in revmakx WPCal.io wpcal allows DOM-Based XSS.This issue affects WPCal.io: from n/a through = 0.9.5.9...

CVE-2025-66103 WordPress WPCal.io plugin <= 0.9.5.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in revmakx WPCal.io wpcal allows DOM-Based XSS.This issue affects WPCal.io: from n/a through = 0.9.5.9...

CVE-2025-64190

CVE-2025-64190: DOM-based XSS in 8theme XStore Core (WordPress plugin) before v5.6 caused by improper neutralization of input during web page generation. Impacts confidentiality/integrity/availability as per XSS descriptions; remediation: upgrade to XStore Core 5.6 or later (no further exploit de...

EUVD-2025-205725

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FlippingBook FlippingBook flippingbook allows DOM-Based XSS.This issue affects FlippingBook: from n/a through = 2.0.1...

EUVD-2025-205709

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vidish Combo Offers WooCommerce woo-combo-offers allows DOM-Based XSS.This issue affects Combo Offers WooCommerce: from n/a through = 4.2...

EUVD-2025-205726

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

EUVD-2025-205711

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

EUVD-2025-205706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows DOM-Based XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.5.3...

EUVD-2025-205745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows DOM-Based XSS.This issue affects BWL Pro Voting Manager: from n/a through = 1.4.9...

CVE-2025-69018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-68991

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows DOM-Based XSS.This issue affects BWL Pro Voting Manager: from n/a through = 1.4.9...

CVE-2025-68978

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Core designthemes-core allows DOM-Based XSS.This issue affects DesignThemes Core: from n/a through = 1.6...

CVE-2025-69092 WordPress Essential Addons for Elementor plugin <= 6.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows DOM-Based XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.5.3...

CVE-2025-69092

CVE-2025-69092 is a WordPress vulnerability in Essential Addons for Elementor (Lite) that enables an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via input in versions

CVE-2025-69033 WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

CVE-2025-69018 WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-69019

CVE-2025-69019 : FlippingBook (FlippingBook/FlippingBook) contains a DOM-based XSS in the web-page generation flow, affecting FlippingBook versions up to and including 2.0.1. The Wordfence report details an authenticated (Contributor+) path to abuse; CVSS/impact per initial data indicates cross-s...

CVE-2025-69018

CVE-2025-69018 affects Web Directory Free (WordPress) up to version 1.7.12. The Wordfence entry shows an authenticated (Contributor+) stored XSS vulnerability enabling DOM-based XSS during web page generation due to improper input neutralization. Patch status: Patched (fixed in a newer release).

CVE-2025-69019 WordPress FlippingBook plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FlippingBook FlippingBook flippingbook allows DOM-Based XSS.This issue affects FlippingBook: from n/a through = 2.0.1...