CVE-2025-6324 WordPress Easy Invoice plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through = 2.0.9...

CVE-2025-60180 WordPress WP Gravity Forms Salesforce plugin <= 1.5.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...

CVE-2025-60174 WordPress WP Gravity Forms Constant Contact plugin plugin <= 1.1.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...

CVE-2025-60174

CVE-2025-60174 affects the WordPress plugin WP Gravity Forms Constant Contact Plugin gf-constant-contact (versions from unspecified n/a up to and including 1.1.2). The vulnerability is described as a Deserialization of Untrusted Data issue that allows Object Injection. Core details provided acros...

CVE-2025-60078

The CVE-2025-60078 issue affects the WordPress Task Manager plugin for WordPress (versions

CVE-2025-54743

CVE-2025-54743 describes a Missing Authorization vulnerability in the WordPress plugin Download After Email (versions 2.1.5–2.1.6). Exploitation would allow bypassing access controls to download content due to misconfigured authorization. Affected product: Download After Email – Subscribe & Downl...

CVE-2025-49918 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.2 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Retrieve Embedded Sensitive Data.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.2...

CVE-2025-13880

The WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets Google Reviews, YouTube Feed, Photo Feeds, and More plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the getAdvanceSettings and saveAdvanceSettings...

WordPress plugin UniTravel 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin InstaWP Connect 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin WordPress Contact Form 7 PDF 安全漏洞

...

WordPress plugin Super Blank 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin Gardis 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Logtik 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Download Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin OpenID Connect Generic Client 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

CVE-2025-67962

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AIOSEO Plugin Team Broken Link Checker broken-link-checker-seo allows SQL Injection.This issue affects Broken Link Checker: from n/a through = 1.2.6...

WordPress plugin HTML Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

EUVD-2025-203536

Cross-Site Request Forgery CSRF vulnerability in Meks Meks Quick Plugin Disabler meks-quick-plugin-disabler allows Cross Site Request Forgery.This issue affects Meks Quick Plugin Disabler: from n/a through = 1.0...

CVE-2025-67962 WordPress Broken Link Checker plugin <= 1.2.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AIOSEO Plugin Team Broken Link Checker broken-link-checker-seo allows SQL Injection.This issue affects Broken Link Checker: from n/a through = 1.2.6...