4.3
CVE-2025-58865 - WordPress Compact Admin plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in reimund Compact Admin compact-admin allows Cross Site Request Forgery.This issue affects Compact Admin: from n/a through <= 1.3.3.
6.5
CVE-2025-58864 - WordPress ้ๆฐๆฎ Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamroody ้ๆฐๆฎ jinshuju allows Stored XSS.This issue affects ้ๆฐๆฎ: from n/a through <= 1.0.
6.5
CVE-2025-58863 - WordPress Zoomify embed for WP Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SdeWijs Zoomify embed for WP zoom-image-shortcode allows Stored XSS.This issue affects Zoomify embed for WP: from n/a through <= 1.5.2.
6.5
CVE-2025-58862 - WordPress WordPress Events Calendar Plugin โ connectDaily Plugin <= 1.5.5 - Cross Site Scripting (Xโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in George Sexton WordPress Events Calendar Plugin โ connectDaily connect-daily-web-calendar allows Stored XSS.This issue affects WordPress Events Calendar Plugin โ connectDaily: from n/a through <= 1.โฆ
7.1
CVE-2025-58861 - WordPress Quick Event Calendar Plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar quick-event-calendar allows Stored XSS.This issue affects Quick Event Calendar: from n/a through <= 1.4.9.
7.1
CVE-2025-58860 - WordPress Enable Latex Plugin <= 1.2.16 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in KaizenCoders Enable Latex enable-latex allows Stored XSS.This issue affects Enable Latex: from n/a through <= 1.2.16.
7.1
CVE-2025-58859 - WordPress Add to Feedly Plugin <= 1.2.11 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in David Merinas Add to Feedly add-to-feedly allows Stored XSS.This issue affects Add to Feedly: from n/a through <= 1.2.11.
6.5
CVE-2025-58858 - WordPress WPB Image Widget Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean WPB Image Widget wpb-image-widget allows Stored XSS.This issue affects WPB Image Widget: from n/a through <= 1.1.
7.1
CVE-2025-58857 - WordPress Table of content Plugin <= 1.5.3.1 - Cross Site Request Forgery (CSRF) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Table of content content-table allows Stored XSS.This issue affects Table of content: from n/a through <= 1.5.3.1.
6.5
CVE-2025-58856 - WordPress Woocommerce Notify Updated Product Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnโฆ
Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Notify Updated Product woocommerce-notify-updated-product allows Stored XSS.This issue affects Woocommerce Notify Updated Product: from n/a through <= 1.6.