4.9
CVE-2025-59138 - WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Jthemes Genemy genemy allows Server Side Request Forgery.This issue affects Genemy: from n/a through <= 1.6.6.
5.1
CVE-2019-25262 - elinicksic Razgover Chat Message send.php cross site scripting
A security vulnerability has been detected in elinicksic Razgover up to db37dfc5c82f023a40f2f7834ded6633fb2b5262. This affects an unknown part of the file Chattify/send.php of the component Chat Message Handler. Such manipulation of the argument msg leads to cross site scripting. The attack may be โฆ
5.4
CVE-2025-66154 - WordPress Couponer for Elementor plugin <= 1.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Couponer for Elementor couponer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Couponer for Elementor: from n/a through <= 1.1.7.
5.4
CVE-2025-66155 - WordPress Questionar for Elementor plugin <= 1.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Questionar for Elementor questionar-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Questionar for Elementor: from n/a through <= 1.1.7.
5.4
CVE-2025-66156 - WordPress Watcher for Elementor plugin <= 1.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Watcher for Elementor watcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watcher for Elementor: from n/a through <= 1.0.9.
5.4
CVE-2025-66157 - WordPress Sliper for Elementor plugin <= 1.0.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Sliper for Elementor sliper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliper for Elementor: from n/a through <= 1.0.10.
5.4
CVE-2025-66158 - WordPress Gmaper for Elementor plugin <= 1.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Gmaper for Elementor gmaper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gmaper for Elementor: from n/a through <= 1.0.9.
5.4
CVE-2025-66159 - WordPress Walker for Elementor plugin <= 1.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Walker for Elementor walker-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Walker for Elementor: from n/a through <= 1.1.6.
5.4
CVE-2025-66160 - WordPress Select Graphist for Elementor Graphist for Elementor plugin <= 1.2.10 - Broken Access Coโฆ
Missing Authorization vulnerability in merkulove Select Graphist for Elementor Graphist for Elementor graphist-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Select Graphist for Elementor Graphist for Elementor: from n/a through <= 1.2.10.
6.5
CVE-2025-63021 - WordPress Valenti Engine plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetipi Valenti Engine valenti-engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through <= 1.0.3.