920 matches found
CVE-2025-26970
Improper Control of Generation of Code 'Code Injection' vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a through 1.71.0...
CVE-2025-26589
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through = 2.0.1...
CVE-2025-26540
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26563
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Muneeb Mobile rocket-wp-mobile allows Reflected XSS.This issue affects Mobile: from n/a through = 1.3.3...
CVE-2025-26585
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS.This issue affects DL Leadback: from n/a through = 1.2.1...
CVE-2025-26586
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in abelony Events Planner events-planner allows Reflected XSS.This issue affects Events Planner: from n/a through = 1.3.10...
CVE-2025-26588
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gabrielperezs TTT Crop ttt-crop allows Reflected XSS.This issue affects TTT Crop: from n/a through = 1.0...
CVE-2025-26587
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nghorta sidebarTabs sidebartabs allows Reflected XSS.This issue affects sidebarTabs: from n/a through = 3.1...
CVE-2025-25162
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in kutu62 Sports Rankings and Lists sports-rankings-lists allows Absolute Path Traversal.This issue affects Sports Rankings and Lists: from n/a through = 1.0.2...
CVE-2025-26535
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CodeSolz Bitcoin / AltCoin Payment Gateway for WooCommerce woo-altcoin-payment-gateway allows Blind SQL Injection.This issue affects Bitcoin / AltCoin Payment Gateway for WooCommerce: from n/a...
CVE-2025-25170
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DotsquaresLtd Migrate Posts migrate-post allows Reflected XSS.This issue affects Migrate Posts: from n/a through = 1.0...
CVE-2025-25169
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rachel Cherry Authors Autocomplete Meta Box authors-autocomplete-meta-box allows Reflected XSS.This issue affects Authors Autocomplete Meta Box: from n/a through = 1.2...
CVE-2025-25164
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Yuichiro ABE Meta Accelerator meta-accelerator allows Reflected XSS.This issue affects Meta Accelerator: from n/a through = 1.0.4...
CVE-2025-25165
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richardgabriel Staff Directory Plugin: Company Directory staff-directory-pro allows Stored XSS.This issue affects Staff Directory Plugin: Company Directory: from n/a through = 4.3...
CVE-2025-26534
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-25133
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in newbiesup WP Frontend Submit wp-frontend-submit allows Reflected XSS.This issue affects WP Frontend Submit: from n/a through = 1.1.0...
CVE-2025-25137
Cross-Site Request Forgery CSRF vulnerability in kareemsultan Social Links social-links allows Stored XSS.This issue affects Social Links: from n/a through = 1.0.11...
CVE-2025-25161
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SocialEvolution WP Find Your Nearest wp-find-your-nearest allows Reflected XSS.This issue affects WP Find Your Nearest: from n/a through = 0.3.1...
CVE-2025-25157
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpchurchteam WP Church Center wp-church-center allows Reflected XSS.This issue affects WP Church Center: from n/a through = 1.3.3...
CVE-2025-25131
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in randyjensen RJ Quickcharts rj-quickcharts allows Stored XSS.This issue affects RJ Quickcharts: from n/a through = 0.6.1...