CVE-2025-22680

CVE-2025-22680 corresponds to a Reflected Cross-Site Scripting (XSS) vulnerability in WordPress plugin Ad Inserter Pro, affecting versions up to and including 2.7.39. The CVE entry notes an improper neutralization of input during web page generation, enabling reflected XSS. The core details in co...

CVE-2025-23652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fabio Zuanon Add custom content after post add-custom-content-after-post allows Reflected XSS.This issue affects Add custom content after post: from n/a through = 1.0...

PT-2025-7018 · Unknown · Notfound Botnet Attack Blocker

Name of the Vulnerable Software and Affected Versions: NotFound Botnet Attack Blocker versions prior to 2.0.0 Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This means that an attacker can inject...

CVE-2025-23857

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Essential WP Real Estate allows Reflected XSS. This issue affects Essential WP Real Estate: from n/a through 1.1.3...

CVE-2025-23787

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Foxskav Easy Bet easy-bet allows Reflected XSS.This issue affects Easy Bet: from n/a through = 1.0.7...

CVE-2025-23788

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roni Saha Easy Filter easy-filter allows Reflected XSS.This issue affects Easy Filter: from n/a through = 1.10...

CVE-2025-23857

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-estate allows Reflected XSS.This issue affects Essential WP Real Estate: from n/a through = 1.1.3...

CVE-2025-23748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Singsys Singsys -Awesome Gallery awesome-gallery-singsys allows Reflected XSS.This issue affects Singsys -Awesome Gallery: from n/a through = 1.0...

CVE-2025-23652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fabio Zuanon Add custom content after post add-custom-content-after-post allows Reflected XSS.This issue affects Add custom content after post: from n/a through = 1.0...

CVE-2025-23655

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crystalwebpro Contact Form 7 – Paystack Add-on cf7-paystack-add-on allows Reflected XSS.This issue affects Contact Form 7 – Paystack Add-on: from n/a through = 1.2.3...

CVE-2025-23657

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RusAlex WordPress-to-candidate for Salesforce CRM salesforce-wordpress-to-candidate allows Reflected XSS.This issue affects WordPress-to-candidate for Salesforce CRM: from n/a through = 1.0.1...

CVE-2025-23571

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in makong Internal Links Generator internal-links-generator allows Reflected XSS.This issue affects Internal Links Generator: from n/a through = 3.51...

CVE-2025-23428

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arash Safari QMean – WordPress Did You Mean qmean allows Reflected XSS.This issue affects QMean – WordPress Did You Mean: from n/a through = 2.0...

CVE-2025-23851

CVE-2025-23851 is a Reflected Cross-Site Scripting vulnerability in the WordPress plugin Coronavirus (COVID-19) Outbreak Data Widgets . Affected versions are listed as

CVE-2025-23787

CVE-2025-23787 is a WordPress WordPress plugin issue in the NotFound Easy Bet plugin (Easy Bet) with a Reflected XSS vulnerability that affects versions up to 1.0.7. The flaw is described as improper input neutralization during web page generation, enabling reflected cross-site scripting. The CVS...

CVE-2025-23788

CVE-2025-23788 is a Reflected XSS in the WordPress plugin Easy Filter, affecting versions up to 1.10. The CVE details (CVSS 3.1 base 7.1) indicate high severity with network access and user interaction required. Public details about exploit vectors are not provided in connected documents; remedia...

CVE-2025-23748

CVE-2025-23748: Reflected XSS in WordPress plugin Singsys -Awesome Gallery (

CVE-2025-23653 WordPress Form To Online Booking plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Form To Online Booking allows Reflected XSS. This issue affects Form To Online Booking: from n/a through 1.0...

CVE-2025-23652 WordPress Add custom content after post plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fabio Zuanon Add custom content after post add-custom-content-after-post allows Reflected XSS.This issue affects Add custom content after post: from n/a through = 1.0...

CVE-2025-23655

CVE-2025-23655 is a Reflected XSS in the WordPress plugin Contact Form 7 – Paystack Add-on (