CVE-2025-62921 WordPress Bulk Auto Image Title Attribute plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pagup Bulk Auto Image Title Attribute bulk-image-title-attribute allows DOM-Based XSS.This issue affects Bulk Auto Image Title Attribute: from n/a through = 2.0.1...

CVE-2025-62887 WordPress King Addons for Elementor plugin <= 51.1.61 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KingAddons.com King Addons for Elementor king-addons allows DOM-Based XSS.This issue affects King Addons for Elementor: from n/a through = 51.1.61...

CVE-2025-62887

The CVE-2025-62887 entry describes a DOM-Based XSS in WordPress Word Addons for Elementor (King Addons for Elementor). Affected product/component: King Addons for Elementor plugin for WordPress, version up to and including 51.1.37. Root cause: Improper Neutralization of Input During Web Page Gene...

CVE-2025-62887 WordPress King Addons for Elementor plugin <= 51.1.61 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KingAddons.com King Addons for Elementor king-addons allows DOM-Based XSS.This issue affects King Addons for Elementor: from n/a through = 51.1.61...

CVE-2025-62885 WordPress WP VR plugin <= 8.5.48 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through = 8.5.48...

CVE-2025-62885

The CVE-2025-62885 entry concerns the WordPress WP VR plugin (RexTheme) with a DOM-based XSS caused by improper input neutralization during web page generation. Affected: WP VR

WordPress plugin Marquee Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin King Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripti...

WordPress plugin Estatik 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-43835

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Estatik Estatik estatik allows DOM-Based XSS.This issue affects Estatik: from n/a through = 4.1.13...

CVE-2025-49936

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xtemos WoodMart woodmart allows DOM-Based XSS.This issue affects WoodMart: from n/a through 8.3.2...

CVE-2025-58961

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kamleshyadav CF7 Auto Responder Addon CF7-autoresponder-addon allows DOM-Based XSS.This issue affects CF7 Auto Responder Addon: from n/a through = 2.4...

CVE-2025-49928

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

EUVD-2025-35449

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kamleshyadav CF7 Auto Responder Addon CF7-autoresponder-addon allows DOM-Based XSS.This issue affects CF7 Auto Responder Addon: from n/a through = 2.4...

EUVD-2025-35522

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xtemos WoodMart woodmart allows DOM-Based XSS.This issue affects WoodMart: from n/a through 8.3.2...

CVE-2025-49940

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Fusion Builder fusion-builder allows DOM-Based XSS.This issue affects Fusion Builder: from n/a through = 3.13.2...

CVE-2025-49936

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xtemos WoodMart woodmart allows DOM-Based XSS.This issue affects WoodMart: from n/a through 8.3.2...

CVE-2025-49928

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

CVE-2025-49923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows DOM-Based XSS.This issue affects Seriously Simple Podcasting: from n/a through = 3.11.1...

CVE-2025-58961 WordPress CF7 Auto Responder Addon plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kamleshyadav CF7 Auto Responder Addon CF7-autoresponder-addon allows DOM-Based XSS.This issue affects CF7 Auto Responder Addon: from n/a through = 2.4...