CVE-2025-59585

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.0...

CVE-2025-59553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coderz Studio Custom iFrame for Elementor custom-iframe allows DOM-Based XSS.This issue affects Custom iFrame for Elementor: from n/a through = 1.0.13...

CVE-2025-57938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themewant Easy Hotel Booking easy-hotel allows DOM-Based XSS.This issue affects Easy Hotel Booking: from n/a through = 1.9.2...

CVE-2025-59586

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Portfolio penci-portfolio allows DOM-Based XSS.This issue affects Penci Portfolio: from n/a through = 3.5...

CVE-2025-59553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coderz Studio Custom iFrame for Elementor custom-iframe allows DOM-Based XSS.This issue affects Custom iFrame for Elementor: from n/a through = 1.0.13...

CVE-2025-58233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through = 2.3.7.2...

CVE-2025-57999

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows DOM-Based XSS.This issue affects WPKoi Templates for Elementor: from n/a through = 3.4.3...

CVE-2025-57954

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Poll Maker poll-maker allows DOM-Based XSS.This issue affects Poll Maker: from n/a through = 6.0.2...

CVE-2025-57953

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-59583 WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows DOM-Based XSS.This issue affects Penci Filter Everything: from n/a through 1.7...

CVE-2025-59583

CVE-2025-59583 affects the Penci Filter Everything WordPress plugin (PenciFilter Everything, penci-filter-everything) with a DOM-based XSS flaw caused by improper input neutralization during web page generation in versions

CVE-2025-59585

CVE-2025-59585 affects the WordPress plugin Penci Recipe. The connected document confirms a DOM-based XSS due to improper input neutralization during web page generation, affecting Penci Recipe versions from n/a through 4.0. The CVSS metrics indicate a network-accessible, low-privilege, low-impac...

CVE-2025-59589 WordPress Soledad Theme <= 8.6.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.6.8...

CVE-2025-53463 WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows DOM-Based XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through =...

CVE-2025-53463 WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows DOM-Based XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through =...

CVE-2025-57911 WordPress Adverts Plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Adverts adverts-click-tracker allows DOM-Based XSS.This issue affects Adverts: from n/a through = 1.4...

CVE-2025-57911

CVE-2025-57911 is tied to the WordPress Adverts Plugin – Adverts Click Tracker. The connected data indicate an authenticated, stored cross‑site scripting (XSS) vulnerability in Adverts

CVE-2025-57963 WordPress Zoho Billing Plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Subscriptions Zoho Billing zoho-subscriptions allows DOM-Based XSS.This issue affects Zoho Billing: from n/a through = 4.1...

CVE-2025-57999

CVE-2025-57999 details a DOM-based XSS vulnerability in WPKoi Templates for Elementor. Affected product: WPKoi Templates for Elementor. Affected version range: from n/a through 3.4.1. Description notes improper input neutralization during web page generation leading to cross-site scripting. The I...

CVE-2025-58220 WordPress Card Elements for WPBakery Plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Techeshta Card Elements for WPBakery card-elements-for-wpbakery allows DOM-Based XSS.This issue affects Card Elements for WPBakery: from n/a through = 1.0.8...