CVE-2025-49959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pascal Casier bbPress Move Topics bbp-move-topics allows Reflected XSS.This issue affects bbPress Move Topics: from n/a through = 1.1.6...

CVE-2025-53420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows Reflected XSS.This issue affects WPLMS: from n/a through = 1.9.9.8...

EUVD-2025-35660

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ArkSigner Software and Hardware Inc. AcBakImzala allows Reflected XSS.This issue affects AcBakImzala: before v5.1.4...

EUVD-2025-35470

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AndonDesign UDesign Core u-design-core allows Reflected XSS.This issue affects UDesign Core: from n/a through = 4.14.0...

EUVD-2025-35454

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...

EUVD-2025-35566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Calvaweb Password only login password-only-login allows Reflected XSS.This issue affects Password only login: from n/a through = 0.2...

CVE-2025-53422

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeWarriors WhatsApp Chat for WordPress and WooCommerce tw-whatsapp-chat-rotator allows Reflected XSS.This issue affects WhatsApp Chat for WordPress and WooCommerce: from n/a through = 1.2.1...

CVE-2025-53351

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fidelo Software GmbH Fidelo Snippet thebing-snippet allows Reflected XSS.This issue affects Fidelo Snippet: from n/a through = 1.12...

CVE-2025-52770

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in appscreo Hello Followers hellofollowers allows Reflected XSS.This issue affects Hello Followers: from n/a through = 2.5...

CVE-2025-52742

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Igor Benic Pets pets allows Reflected XSS.This issue affects Pets: from n/a through = 1.4.1...

CVE-2025-49958

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in robokassa Robokassa payment gateway for Woocommerce robokassa allows Reflected XSS.This issue affects Robokassa payment gateway for Woocommerce: from n/a through = 1.8.6...

CVE-2025-49946

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cynob IT Consultancy Auto Login After Registration auto-login-after-registration allows Reflected XSS.This issue affects Auto Login After Registration: from n/a through = 1.0.0...

CVE-2025-53350 WordPress Calendar Plus plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

CVE-2025-53297 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through = 1.2.1...

CVE-2025-53351 WordPress Fidelo Snippet plugin <= 1.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fidelo Software GmbH Fidelo Snippet thebing-snippet allows Reflected XSS.This issue affects Fidelo Snippet: from n/a through = 1.12...

CVE-2025-53351

CVE-2025-53351 corresponds to a WordPress Fidelo Snippet plugin vulnerability (versions through 1.12) where improper input neutralization during web page generation enables reflected XSS. Affected component: Fidelo Snippet (WordPress plugin). Root cause: inadequate input sanitization in the page ...

CVE-2025-52770

CVE-2025-52770 concerns the WordPress Hello Followers plugin (versions up to and including 2.5). The vulnerability is a reflected Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. Affected component: Hellofollowers plugin; root cause: improper handling...

CVE-2025-52753

CVE-2025-52753 affects the WordPress plugin Contact Form by Supsystic (versions up to and including 1.7.35). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient input filtering/escaping in web page generation, allowing an attacker to inject arbitrary script vi...

CVE-2025-52751 WordPress Slide Puzzle plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colome Slide Puzzle slide-puzzle allows Reflected XSS.This issue affects Slide Puzzle: from n/a through = 1.0.0...

CVE-2025-52741

CVE-2025-52741 affects WordPress Post Connector plugin up to version 1.0.11. The flaw is improper input neutralization during web page generation, resulting in a reflected XSS condition. Affected components: Post Connector (WordPress plugin); potential impact includes client-side script execution...