0.0
CVE-2025-48330 - WordPress Real Time Validation for Gravity Forms <= 1.7.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Formsβ¦
0.0
CVE-2025-48290 - WordPress Kinsley theme <= 3.4.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in bslthemes Kinsley kinsley allows PHP Local File Inclusion.This issue affects Kinsley: from n/a through <= 3.4.4.
8.2
CVE-2025-48090 - WordPress Blanka - One Page WordPress Theme Theme < 1.5 - Local File Inclusion Vulnerability
Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka-wp allows PHP Local File Inclusion.This issue affects Blanka - One Page WordPress Theme: from n/a through < 1.5.
0.0
CVE-2025-48089 - WordPress Education WordPress Theme | HiStudy theme < 3.1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rainbow-Themes Education WordPress Theme | HiStudy histudy allows SQL Injection.This issue affects Education WordPress Theme | HiStudy: from n/a through < 3.1.0.
0.0
CVE-2025-48086 - WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in wpdreams Ajax Search Lite ajax-search-lite allows Object Injection.This issue affects Ajax Search Lite: from n/a through <= 4.13.3.
0.0
CVE-2025-48085 - WordPress Simple Stripe plugin <= 0.9.17 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabβ¦
Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Stripe simple-stripe allows Stored XSS.This issue affects Simple Stripe: from n/a through <= 0.9.17.
0.0
CVE-2025-48083 - WordPress wpNamedUsers plugin <= 0.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in andriassundskard wpNamedUsers wpnamedusers allows Stored XSS.This issue affects wpNamedUsers: from n/a through <= 0.5.
0.0
CVE-2025-48078 - WordPress Slick Google Map plugin <= 0.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Google Map slick-google-map allows Stored XSS.This issue affects Slick Google Map: from n/a through <= 0.3.
0.0
CVE-2025-48077 - WordPress Block Country plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabiliβ¦
Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country allows Stored XSS.This issue affects Block Country: from n/a through <= 1.0.
0.0
CVE-2025-47588 - WordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execβ¦
Improper Control of Generation of Code ('Code Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Code Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through <= 4.5.9.