CVE-2025-39547 WordPress Internal Link Optimiser plugin <= 5.1.3 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Internal Link Optimiser internal-link-finder allows Stored XSS.This issue affects Internal Link Optimiser: from n/a through = 5.1.3...

WordPress plugin Live Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-27350 WordPress Vice Versa plugin <= 2.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hugh Mungus Vice Versa vice-versa allows Reflected XSS.This issue affects Vice Versa: from n/a through = 2.2.3...

WordPress Affiliate Link Tracker plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Affiliate Link Tracker versions = 0.2...

WordPress Vayu Blocks plugin 1.0.4-1.2.1 - Missing Authorization to Unauthenticated Limited Arbitrary Options Update vulnerability

Missing Authorization to Unauthenticated Limited Arbitrary Options Update vulnerability discovered by kr0d in WordPress Plugin Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce versions 1.0.4-1.2.1...

WordPress plugin YaMaps for WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

WordPress plugin SurveyJS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Theme Tainá versions 0.2.5...

WordPress plugin Demo Awesome 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...

CVE-2025-31851 WordPress Beds24 Online Booking plugin <= 2.0.26 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in markkinchin Beds24 Online Booking allows Stored XSS. This issue affects Beds24 Online Booking: from n/a through 2.0.26...

CVE-2025-31772 WordPress WP Modal Popup with Cookie Integration plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Astoundify WP Modal Popup with Cookie Integration allows Stored XSS. This issue affects WP Modal Popup with Cookie Integration: from n/a through 2.4...

WordPress plugin Real Estate 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

WordPress plugin MDJM Event Management 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

WordPress WP Church Donation plugin <= 1.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by johska Patchstack Alliance in WordPress Plugin WP Church Donation versions = 1.7...

WordPress plugin Appointy Appointment Scheduler 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Material Dashboard plugin <= 1.4.5 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by LVT-tholv2k in WordPress Plugin Material Dashboard versions = 1.4.5...

WordPress Ultimate Blocks plugin <= 3.2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Ultimate Blocks versions = 3.2.7...

WordPress Flickr set slideshows plugin <= 0.9 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by timomangcut in WordPress Plugin Flickr set slideshows versions = 0.9...

WordPress Login Widget for Ultimate Member plugin <= 1.1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by muhammad yudha in WordPress Plugin Login Widget for Ultimate Member versions = 1.1.2...

WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin SearchIQ versions = 4.7...