6.5
CVE-2025-58880 - WordPress Translate This gTranslate Shortcode Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reubenthiessen Translate This gTranslate Shortcode allows Stored XSS. This issue affects Translate This gTranslate Shortcode: from n/a through 1.0.
6.5
CVE-2025-58878 - WordPress Woocommerce Gifts Product Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerabiliβ¦
Cross-Site Request Forgery (CSRF) vulnerability in usamafarooq Woocommerce Gifts Product allows Cross Site Request Forgery. This issue affects Woocommerce Gifts Product: from n/a through 1.0.0.
6.5
CVE-2025-58876 - WordPress Aparat Video Shortcode Plugin <= 0.2.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ali Aghdam Aparat Video Shortcode allows Stored XSS. This issue affects Aparat Video Shortcode: from n/a through 0.2.4.
6.5
CVE-2025-58875 - WordPress WP Github Gist Plugin <= 0.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sudar Muthu WP Github Gist allows Stored XSS. This issue affects WP Github Gist: from n/a through 0.5.
6.5
CVE-2025-58874 - WordPress StoryMap Plugin <= 2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in josepsitjar StoryMap allows DOM-Based XSS. This issue affects StoryMap: from n/a through 2.1.
5.9
CVE-2025-58873 - WordPress Pushe Web Push Notification Plugin <= 0.5.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pusheco Pushe Web Push Notification allows Stored XSS. This issue affects Pushe Web Push Notification: from n/a through 0.5.0.
6.5
CVE-2025-58872 - WordPress Simple Price Calculator Plugin <= 1.3 - Broken Access Control Vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in premiumbizthemes Simple Price Calculator allows Retrieve Embedded Sensitive Data. This issue affects Simple Price Calculator: from n/a through 1.3.
6.5
CVE-2025-58871 - WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luis Rock Master Paper Collapse Toggle allows Stored XSS. This issue affects Master Paper Collapse Toggle: from n/a through 1.1.
6.5
CVE-2025-58870 - WordPress WP-GraphViz Plugin <= 1.5.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeBAAT WP-GraphViz allows DOM-Based XSS. This issue affects WP-GraphViz: from n/a through 1.5.1.
6.5
CVE-2025-58869 - WordPress SimaCookie Plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Simasicher SimaCookie allows Stored XSS. This issue affects SimaCookie: from n/a through 1.3.2.