CVE-2025-23839

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Asif Shakeel Sticky Button sticky-chat-button allows Stored XSS.This issue affects Sticky Button: from n/a through = 1.0...

CVE-2025-23956

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Richard Leishman WP Easy Post Mailer wp-mailer allows Reflected XSS.This issue affects WP Easy Post Mailer: from n/a through = 0.64...

CVE-2025-23479

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in melascrivi melascrivi melascrivi allows Reflected XSS.This issue affects melascrivi: from n/a through = 1.4...

CVE-2025-23578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bastien Ho Custom CSS Addons css-addons allows Reflected XSS.This issue affects Custom CSS Addons: from n/a through = 1.9.1...

CVE-2025-23695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kinlane CtyGrid Hyp3rL0cal Search hyp3rl0cal-city-search allows Reflected XSS.This issue affects CtyGrid Hyp3rL0cal Search: from n/a through = 0.1.1.1...

CVE-2025-23938

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CRUDLab Image Gallery Box by CRUDLab image-gallery-box-by-crudlab allows PHP Local File Inclusion.This issue affects Image Gallery Box by CRUDLab: from n/a through = 1.0.3...

CVE-2025-23866

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E. Marten EU DSGVO Helper dsgvo allows Reflected XSS.This issue affects EU DSGVO Helper: from n/a through = 1.0.6.1...

CVE-2025-23668

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mauricio Urrego ChatGPT Open AI Images & Content for WooCommerce glasses-for-woocommerce allows Reflected XSS.This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through =...

CVE-2025-23587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashek Al Mahmud all-in-one-box-login all-in-one-login allows Reflected XSS.This issue affects all-in-one-box-login: from n/a through = 2.0.1...

CVE-2025-23509

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in siteheart HyperComments comments-with-hypercommentscom allows Reflected XSS.This issue affects HyperComments: from n/a through = 0.9.6...

CVE-2025-23563

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mbyte Explore pages explore-pages allows Reflected XSS.This issue affects Explore pages: from n/a through = 1.01...

CVE-2025-23923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wackey Lockets lockets allows Reflected XSS.This issue affects Lockets: from n/a through = 0.999...

CVE-2025-23851

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Khushwant Singh Coronavirus COVID-19 Outbreak Data Widgets coronavirus-data-widgets allows Reflected XSS.This issue affects Coronavirus COVID-19 Outbreak Data Widgets: from n/a through = 1.1.1...

CVE-2025-23932

Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through = 3.00...

CVE-2025-23536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 Track Page Scroll track-page-scroll allows Reflected XSS.This issue affects Track Page Scroll: from n/a through = 1.0.2...

CVE-2025-23653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nabeel Tahir Form To Online Booking cf7-calendly-integration allows Reflected XSS.This issue affects Form To Online Booking: from n/a through = 1.0...

CVE-2025-23770

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caspie Fast Tube fast-tube allows Reflected XSS.This issue affects Fast Tube: from n/a through = 2.3.1...

CVE-2025-23716

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JkmAS Login Watchdog login-watchdog allows Stored XSS.This issue affects Login Watchdog: from n/a through = 1.0.4...

CVE-2025-23752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Clifton Griffin CGD Arrange Terms shopp-arrange allows Reflected XSS.This issue affects CGD Arrange Terms: from n/a through = 1.1.3...

CVE-2025-23914

Deserialization of Untrusted Data vulnerability in muzaara Muzaara Google Ads Report muzaara-adwords-optimize-dashboard allows Object Injection.This issue affects Muzaara Google Ads Report: from n/a through = 3.1...