CVE-2025-69007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Popping Sidebars and Widgets Light popping-sidebars-and-widgets-light allows Stored XSS.This issue affects Popping Sidebars and Widgets Light: from n/a through = 1.27...

CVE-2025-69007

Technical details for CVE-2025-69007 are not provided in the connected documents. No vendor/product/version/impact/fix specifics are available beyond the initial description. Monitor for updates.

CVE-2025-69007 WordPress Popping Sidebars and Widgets Light plugin <= 1.27 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Popping Sidebars and Widgets Light popping-sidebars-and-widgets-light allows Stored XSS.This issue affects Popping Sidebars and Widgets Light: from n/a through = 1.27...

PT-2025-53889

Name of the Vulnerable Software and Affected Versions OTWthemes Popping Sidebars and Widgets Light versions through 1.27 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This issue could...

WordPress Astra Widgets plugin cross-site scripting vulnerability

WordPress Astra Widgets plugin is a widgets extension plugin developed by the Astra Themes team to enhance the functionality of Astra themes. WordPress Astra Widgets plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping...

WordPress plugin Popping Sidebars and Widgets Light 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress Astra Widgets plugin <= 1.2.16 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by benzdeus in WordPress Plugin Astra Widgets versions = 1.2.16...

WordPress Popping Sidebars and Widgets Light plugin <= 1.27 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Popping Sidebars and Widgets Light versions = 1.27...

CVE-2025-68497

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...

CVE-2025-68595

Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widgets for Social Photo Feed: from n/a through = 1.8...

WordPress Plugin Ultimate Member Widgets for Elementor Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Ultimate Member Widgets...

EUVD-2025-205240

Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widgets for Social Photo Feed: from n/a through = 1.7.7...

EUVD-2025-205210

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...

CVE-2025-68595

Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widgets for Social Photo Feed: from n/a through = 1.8...

CVE-2025-68497

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...

CVE-2025-68595 WordPress Widgets for Social Photo Feed plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widgets for Social Photo Feed: from n/a through = 1.8...

CVE-2025-68595 WordPress Widgets for Social Photo Feed plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widgets for Social Photo Feed: from n/a through = 1.8...

CVE-2025-68497

The CVE-2025-68497 entry covers a Stored XSS vulnerability in Brainstorm Force Astra Widgets (astra-widgets) affecting versions up to 1.2.16. The root cause is improper neutralization/escaping of user-supplied input during web page generation, enabling arbitrary scripts to be injected into pages ...

CVE-2025-68497 WordPress Astra Widgets plugin <= 1.2.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...

CVE-2025-68497 WordPress Astra Widgets plugin <= 1.2.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...