0.0
CVE-2025-49337 - WordPress Dashboard Beacon plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in janhenckens Dashboard Beacon wp-dashboard-beacon allows Stored XSS.This issue affects Dashboard Beacon: from n/a through <= 1.2.0.
0.0
CVE-2025-59135 - WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eleopard Behance Portfolio Manager portfolio-manager-powered-by-behance allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through <= 1.7.5.
0.0
CVE-2025-62989 - WordPress Cooked plugin <= 1.11.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gora Tech Cooked cooked allows Stored XSS.This issue affects Cooked: from n/a through <= 1.11.3.
0.0
CVE-2025-23608 - WordPress LIVE TV plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Omar Mohamed Mohamoud LIVE TV live-tv allows Reflected XSS.This issue affects LIVE TV: from n/a through <= 1.2.
0.0
CVE-2025-62088 - WordPress WordPress & WooCommerce Scraper plugin, Import Data from Any Site plugin <= 1.0.7 - Serveβ¦
Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site wp_scraper allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through <= 1.0.7.
0.0
CVE-2025-59138 - WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Jthemes Genemy genemy allows Server Side Request Forgery.This issue affects Genemy: from n/a through <= 1.6.6.
5.1
CVE-2019-25262 - elinicksic Razgover Chat Message send.php cross site scripting
A security vulnerability has been detected in elinicksic Razgover up to db37dfc5c82f023a40f2f7834ded6633fb2b5262. This affects an unknown part of the file Chattify/send.php of the component Chat Message Handler. Such manipulation of the argument msg leads to cross site scripting. The attack may be β¦
0.0
CVE-2025-66154 - WordPress Couponer for Elementor plugin <= 1.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Couponer for Elementor couponer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Couponer for Elementor: from n/a through <= 1.1.7.
0.0
CVE-2025-66155 - WordPress Questionar for Elementor plugin <= 1.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Questionar for Elementor questionar-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Questionar for Elementor: from n/a through <= 1.1.7.
0.0
CVE-2025-66156 - WordPress Watcher for Elementor plugin <= 1.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Watcher for Elementor watcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watcher for Elementor: from n/a through <= 1.0.9.