5.9
CVE-2025-62142 - WordPress Post Video Players plugin <= 1.163 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicashmu Post Video Players video-playlist-and-gallery-plugin allows Stored XSS.This issue affects Post Video Players: from n/a through <= 1.163.
5.9
CVE-2025-62149 - WordPress Add Custom Codes plugin <= 4.80 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Stored XSS.This issue affects Add Custom Codes: from n/a through <= 4.80.
6.5
CVE-2025-62095 - WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through <= 1.3.2.
6.5
CVE-2025-62096 - WordPress Maximum Products per User for WooCommerce plugin <= 4.4.3 - Cross Site Scripting (XSS) vuโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Maximum Products per User for WooCommerce maximum-products-per-user-for-woocommerce allows Stored XSS.This issue affects Maximum Products per User for WooCommerce: from n/a through <= 4.4โฆ
6.5
CVE-2025-62097 - WordPress SEO Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in seothemes SEO Slider seo-slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through <= 1.1.1.
6.5
CVE-2025-63020 - WordPress Postie plugin <= 1.9.73 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through <= 1.9.73.
6.5
CVE-2025-62111 - WordPress Extra Shortcodes plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Extra Shortcodes extra-shortcodes allows Stored XSS.This issue affects Extra Shortcodes: from n/a through <= 2.2.
6.5
CVE-2025-49357 - WordPress Audiomack plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in audiomack Audiomack audiomack allows Stored XSS.This issue affects Audiomack: from n/a through <= 1.4.8.
6.5
CVE-2025-62742 - WordPress Curator.io plugin <= 1.9.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Curator.io Curator.io curatorio allows Stored XSS.This issue affects Curator.io: from n/a through <= 1.9.5.
6.5
CVE-2025-62118 - WordPress AdWords Conversion Tracking Code plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kcseopro AdWords Conversion Tracking Code adwords-conversion-tracking-code allows Stored XSS.This issue affects AdWords Conversion Tracking Code: from n/a through <= 1.0.