7.1
CVE-2025-49342 - WordPress Custom Style plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in merzedes Custom Style custom-style allows Stored XSS.This issue affects Custom Style: from n/a through <= 1.0.
4.5
CVE-2025-69277 - libsodium: libsodium: Improper validation of elliptic curve points could lead to data integrity or β¦
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
7.1
CVE-2025-49353 - WordPress Noindex by Path plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Marcin Kijak Noindex by Path noindex-by-path allows Stored XSS.This issue affects Noindex by Path: from n/a through <= 1.0.
7.1
CVE-2025-68885 - WordPress Custom Post Status plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnβ¦
Cross-Site Request Forgery (CSRF) vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through <= 1.1.0.
7.1
CVE-2025-49354 - WordPress Recent Posts From Each Category plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulneraβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through <= 1.4.
7.1
CVE-2025-49343 - WordPress Social Profilr plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in socialprofilr Social Profilr social-profilr-display-social-network-profile allows Stored XSS.This issue affects Social Profilr: from n/a through <= 1.0.
7.1
CVE-2025-49344 - WordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in reneade SensitiveTagCloud sensitive-tag-cloud allows Stored XSS.This issue affects SensitiveTagCloud: from n/a through <= 1.4.1.
7.1
CVE-2025-49345 - WordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in mg12 WP-EasyArchives wp-easyarchives allows Stored XSS.This issue affects WP-EasyArchives: from n/a through <= 3.1.2.
5.3
CVE-2025-15375 - EyouCMS arcpagelist Ajax.php unserialize deserialization
A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/api/controller/Ajax.php of the component arcpagelist Handler. Executing a manipulation of the argument attstr can lead to deserialization. The attack can be launched remotely. The β¦
7.1
CVE-2025-49346 - WordPress Simple Archive Generator plugin <= 5.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in peterwsterling Simple Archive Generator simple-archive-generator allows Stored XSS.This issue affects Simple Archive Generator: from n/a through <= 5.2.