CVE-2025-69375 WordPress Portfolio Builder plugin <= 1.2.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.This issue affects Portfolio Builder: from n/a through = 1.2.5...

CVE-2025-57952 WordPress Maps for WP Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc Maps for WP allows Stored XSS. This issue affects Maps for WP: from n/a through 1.2.5...

CVE-2023-45045 WordPress WP Custom Widget area plugin <= 1.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget area: from n/a through = 1.2.5...

WordPress Generic Elements plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab in WordPress Plugin Generic Elements versions = 1.2.5...

WordPress Spice Starter Sites plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Spice Starter Sites versions = 1.2.5...