5.3
CVE-2025-57896 - WordPress Church Admin Plugin <= 5.0.26 - Broken Access Control Vulnerability
Missing Authorization vulnerability in andy_moyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Church Admin: from n/a through 5.0.26.
4.3
CVE-2025-57895 - WordPress JobWP Plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.4.3.
4.3
CVE-2025-57894 - WordPress WPPizza Plugin <= 3.19.8 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ollybach WPPizza allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPPizza: from n/a through 3.19.8.
4.3
CVE-2025-57893 - WordPress WP Fast Total Search Plugin <= 1.79.270 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.79.270.
4.3
CVE-2025-57892 - WordPress Simple Statistics for Feeds Plugin <= 20250322 - Cross Site Request Forgery (CSRF) Vulnerβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr Simple Statistics for Feeds allows Cross Site Request Forgery. This issue affects Simple Statistics for Feeds: from n/a through 20250322.
5.9
CVE-2025-57891 - WordPress Recurring PayPal Donations Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS. This issue affects Recurring PayPal Donations: from n/a through 1.8.
5.9
CVE-2025-57890 - WordPress Sessions Plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0.
5.3
CVE-2025-57888 - WordPress Jobmonster Theme <= 4.8.0 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NooTheme Jobmonster allows Retrieve Embedded Sensitive Data. This issue affects Jobmonster: from n/a through 4.8.0.
6.5
CVE-2025-57887 - WordPress Jobmonster Theme <= 4.8.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster allows Stored XSS. This issue affects Jobmonster: from n/a through 4.8.0.
5.4
CVE-2025-57886 - WordPress Accessibility Checker by Equalize Digital Plugin <= 1.30.0 - Insecure Direct Object Referβ¦
Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.30.0.