CVE-2023-31077

Cross-Site Request Forgery CSRF vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin = 2.1.9 versions...

CVE-2022-0150

The WP Accessibility Helper WAH WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue...

CVE-2017-18499

The simple-membership plugin before 3.5.7 for WordPress has XSS...

CVE-2023-25481

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

CVE-2023-25986

Cross-Site Request Forgery CSRF vulnerability in WattIsIt PayGreen – Ancienne version plugin = 4.10.2 versions...

CVE-2023-25798

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Olevmedia Olevmedia Shortcodes plugin = 1.1.9 versions...

CVE-2023-25978

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Nate Reist Protected Posts Logout Button plugin = 1.4.5 versions...

CVE-2023-45063

Cross-Site Request Forgery CSRF vulnerability in ReCorp AI Content Writing Assistant Content Writer, GPT 3 & 4, ChatGPT, Image Generator All in One plugin = 1.1.5 versions...

CVE-2023-45060

Cross-Site Request Forgery CSRF vulnerability in Fla-shop.Com Interactive World Map plugin = 3.2.0 versions...

CVE-2023-40556

Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...

CVE-2023-40008

Cross-Site Request Forgery CSRF vulnerability in Gangesh Matta Simple Org Chart plugin = 2.3.4 versions...

CVE-2023-40210

Cross-Site Request Forgery CSRF vulnerability in Sean Barton Tortoise IT SB Child List plugin = 4.5 versions...

CVE-2023-40681

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. Groundhogg plugin = 2.7.11.10 versions...

CVE-2023-45769

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Alex Raven WP Report Post plugin = 2.1.2 versions...

CVE-2023-45006

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ByConsole WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location plugin = 2.4.6 versions...

CVE-2023-40667

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lasso Simple URLs plugin = 117 versions...

CVE-2025-13753

CVE-2025-13753 refers to the WP Table Builder – Drag & Drop Table Builder plugin for WordPress. The issue is an incorrect authorization check on save_table() , enabling authenticated users with Subscriber+ privileges to create new wptb-table posts in versions up to and including 2.0.19. The Wordf...

CVE-2025-68891 WordPress WP App Bar plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Sutana WP App Bar wp-app-bar allows Reflected XSS.This issue affects WP App Bar: from n/a through = 1.5...

CVE-2025-68890

CVE-2025-68890 is a DOM-based XSS in the hands01 e-shops e-shops-cart2 plugin (WordPress) caused by improper input neutralization during web-page generation, affecting versions from n/a through

CVE-2025-23504 WordPress Felan Framework plugin <= 1.1.3 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan Framework felan-framework allows Authentication Abuse.This issue affects Felan Framework: from n/a through = 1.1.3...