5.3
CVE-2023-52210 - WordPress Product Delivery Date for WooCommerce β Lite plugin <= 2.7.0 - Broken Access Control vulnβ¦
Vulnerability in Tyche softwares Product Delivery Date for WooCommerce β Lite.This issue affects Product Delivery Date for WooCommerce β Lite: from n/a through 2.7.0.
0.0
CVE-2025-68546 - WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through <= 1.2.14.
0.0
CVE-2025-68544 - WordPress Diza theme <= 1.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through <= 1.3.15.
0.0
CVE-2025-68548 - WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS.This issue affects Responsive Posts Carousel Pro: from n/a through <= 15.2.
0.0
CVE-2025-68550 - WordPress WPBulky plugin <= 1.1.13 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VillaTheme WPBulky wpbulky-wp-bulk-edit-post-types allows Blind SQL Injection.This issue affects WPBulky: from n/a through <= 1.1.13.
0.0
CVE-2025-68551 - WordPress VPSUForm plugin <= 3.2.24 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vikas Ratudi VPSUForm v-form allows Retrieve Embedded Sensitive Data.This issue affects VPSUForm: from n/a through <= 3.2.24.
0.0
CVE-2025-68556 - WordPress HAPPY plugin <= 1.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.9.
0.0
CVE-2025-68557 - WordPress Chakra test plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Vikas Ratudi Chakra test chakra-test allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chakra test: from n/a through <= 1.0.1.
0.0
CVE-2025-68559 - WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Cross Site Scripting (XSS) vulβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) thegem-elements-elementor.This issue affects TheGem Theme Elements (for Elementor): from n/a through <= 5.10.5.1.
0.0
CVE-2025-68560 - WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Local File Inclusion vulnerabiβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) thegem-elements-elementor.This issue affects TheGem Theme Elements (for Elementor): from n/a through <= 5.10.5.1.