PT-2025-52587

Name of the Vulnerable Software and Affected Versions SureForms versions prior to 2.2.0 Description The SureForms plugin for WordPress is susceptible to Stored Cross-Site Scripting through the form field parameters. Insufficient input sanitization and output escaping allow unauthenticated attacke...

CVE-2025-5835

The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data due to a missing capability check on the droippostapis function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2025-22525

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bharat Kambariya Donation Block For PayPal donations-block allows Stored XSS.This issue affects Donation Block For PayPal: from n/a through = 2.2.0...

CVE-2024-54293 WordPress CE21 Suite plugin <= 2.2.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0...

CVE-2024-54293 WordPress CE21 Suite plugin <= 2.2.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite ce21-suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through = 2.2.0...

xxl-job Information Disclosure Vulnerability

xxl-job is a distributed task scheduling platform with core design goals of rapid development, simple learning, lightweight, and easy scalability. An information disclosure vulnerability exists in xxl-job 2.2.0, which can be exploited by an attacker to obtain username, model, and password...