WordPress Salient Shortcodes plugin <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton - Wordfence in WordPress Plugin Salient Shortcodes versions = 1.5.3...

CVE-2025-58862

CVE-2025-58862 affects WordPress WordPress Events Calendar Plugin – connectDaily (versions

CVE-2025-32547 WordPress All push notification for WP Plugin <= 1.5.3 - CSRF to SQL Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in gtlwpdev All push notification for WP all-push-notification allows Blind SQL Injection.This issue affects All push notification for WP: from n/a through = 1.5.3...