5.4
CVE-2025-58672 - WordPress WP User Frontend Plugin <= 4.1.12 - Broken Access Control Vulnerability
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.1.12.
5.4
CVE-2025-58673 - WordPress WP User Frontend Plugin <= 4.1.12 - Content Injection Vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through <= 4.1.12.
4.3
CVE-2025-58675 - WordPress Interact: Embed A Quiz On Your Site Plugin <= 3.1 - Cross Site Request Forgery (CSRF) Vulβ¦
Cross-Site Request Forgery (CSRF) vulnerability in tryinteract Interact: Embed A Quiz On Your Site interact-quiz-embed allows Cross Site Request Forgery.This issue affects Interact: Embed A Quiz On Your Site: from n/a through <= 3.1.
7.1
CVE-2025-58676 - WordPress HORIZONTAL SLIDER Plugin <= 2.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in extendyourweb HORIZONTAL SLIDER horizontal-slider allows Stored XSS.This issue affects HORIZONTAL SLIDER: from n/a through <= 2.4.
7.1
CVE-2025-58677 - WordPress ShrinkTheWeb (STW) Website Previews Plugin <= 2.8.5 - Cross Site Request Forgery (CSRF) Vβ¦
Cross-Site Request Forgery (CSRF) vulnerability in puravida1976 ShrinkTheWeb (STW) Website Previews shrinktheweb-website-preview-plugin allows Stored XSS.This issue affects ShrinkTheWeb (STW) Website Previews: from n/a through <= 2.8.5.
6.5
CVE-2025-58678 - WordPress Accordion Plugin <= 2.3.15 - Broken Access Control Vulnerability
Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through <= 2.3.15.
5.3
CVE-2025-58679 - WordPress AppMySite plugin <= 3.15.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in AppMySite AppMySite appmysite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AppMySite: from n/a through <= 3.15.0.
6.5
CVE-2025-58680 - WordPress Gutentor plugin <= 3.5.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through <= 3.5.2.
5.3
CVE-2025-58681 - WordPress Easy Quotes Plugin <= 1.2.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in JΓΌrgen MΓΌller Easy Quotes easy-quotes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Quotes: from n/a through <= 1.2.4.
6.5
CVE-2025-58682 - WordPress Kama Click Counter plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timur Kamaev Kama Click Counter kama-clic-counter allows Stored XSS.This issue affects Kama Click Counter: from n/a through <= 4.0.4.