920 matches found
CVE-2025-28889
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in starblank Custom Product Stickers for Woocommerce custom-product-stickers-for-woocommerce allows Reflected XSS.This issue affects Custom Product Stickers for Woocommerce: from n/a through = 1.9.0...
CVE-2025-28893
Improper Control of Generation of Code 'Code Injection' vulnerability in Govind Visual Text Editor visual-text-editor allows Remote Code Inclusion.This issue affects Visual Text Editor: from n/a through = 1.2.1...
CVE-2025-28873
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Scott Taylor Shuffle shuffle allows Blind SQL Injection.This issue affects Shuffle: from n/a through = 0.5...
CVE-2025-28855
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in srcoley Teleport teleport allows Reflected XSS.This issue affects Teleport: from n/a through = 1.2.4...
CVE-2025-28869
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shauno NextGEN Gallery Voting nextgen-gallery-voting allows Reflected XSS.This issue affects NextGEN Gallery Voting: from n/a through = 2.7.6...
CVE-2025-26546
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pixelpro Cookies Pro cookies-pro allows Reflected XSS.This issue affects Cookies Pro: from n/a through = 1.0...
CVE-2025-26560
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KKWangen WP Contact Form III wp-contact-form-iii allows Reflected XSS.This issue affects WP Contact Form III: from n/a through = 1.6.2d...
CVE-2025-26559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris Taylor Secure Invites wordpress-mu-secure-invites allows Reflected XSS.This issue affects Secure Invites: from n/a through = 1.3...
CVE-2025-26537
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rolomak GDPR Tools gdpr-tools allows Stored XSS.This issue affects GDPR Tools: from n/a through = 1.0.2...
CVE-2025-26544
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max K UTM tags tracking for Contact Form 7 cf7-utm-tracking allows Reflected XSS.This issue affects UTM tags tracking for Contact Form 7: from n/a through = 2.1...
CVE-2025-25134
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zenverse Theme Demo Bar wordpress-theme-demo-bar allows Reflected XSS.This issue affects Theme Demo Bar: from n/a through = 1.6.3...
CVE-2025-23714
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in podspod AppReview appreview allows Reflected XSS.This issue affects AppReview: from n/a through = 0.2.9...
CVE-2025-23666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cxc-sawa Management-screen-droptiles cxc-sawa allows Reflected XSS.This issue affects Management-screen-droptiles: from n/a through = 1.0...
CVE-2025-23638
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Umesh Ghimire Frontend Post Submission frontend-post-submission allows Reflected XSS.This issue affects Frontend Post Submission: from n/a through = 1.0...
CVE-2025-23633
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in khanhtruong WP Database Audit database-audit allows Reflected XSS.This issue affects WP Database Audit: from n/a through = 1.0...
CVE-2025-23543
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fomopay FOMO Pay Chinese Payment Solution fomo-payment-gateway-for-woocommerce allows Reflected XSS.This issue affects FOMO Pay Chinese Payment Solution: from n/a through = 2.0.4...
CVE-2025-23546
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robert D Payne RDP inGroups+ rdp-ingroups allows Reflected XSS.This issue affects RDP inGroups+: from n/a through = 1.0.6...
CVE-2025-23460
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhizomaticweb RWS Enquiry And Lead Follow-up rws-enquiry allows Reflected XSS.This issue affects RWS Enquiry And Lead Follow-up: from n/a through = 1.0...
CVE-2025-28939
CVE-2025-28939 concerns the WordPress plugin WP Google Calendar Manager (NotFound)
CVE-2025-28924
CVE-2025-28924 is a Reflected XSS affecting ZenphotoPress (NotFound ZenphotoPress entry) with versions up to 1.8. The issue arises from improper input neutralization during web page generation. The CVSSv3.1 base score is 7.1 (HIGH): network attack vector, low confidentiality/integrity/availabilit...