5.4
CVE-2025-53219 - WordPress WP-Database-Optimizer-Tools Plugin <= 0.2 - Cross Site Request Forgery (CSRF) Vulnerabiliβ¦
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools wp-database-optimizer-tools allows Cross Site Request Forgery.This issue affects WP-Database-Optimizer-Tools: from n/a through <= 0.2.
4.3
CVE-2025-53221 - WordPress CodeablePress plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in codeablepress CodeablePress codeablepress-simple-frontend-profile-picture-upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CodeablePress: from n/a through <= 1.0.2.
5.5
CVE-2025-53241 - WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery.This issue affects Simplified: from n/a through <= 1.0.11.
6.5
CVE-2025-53249 - WordPress Build App Online Plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online build-app-online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through <= 1.0.23.
6.5
CVE-2025-53330 - WordPress WP Rentals theme <= 3.16.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals wprentals allows Stored XSS.This issue affects WP Rentals: from n/a through <= 3.16.1.
4.3
CVE-2025-53341 - WordPress Stratus Theme <= 4.2.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Themovation App, SaaS & Software Startup Tech Theme - Stratus stratusx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App, SaaS & Software Startup Tech Theme - Stratus: from n/a through <= 4.2.5.
6.5
CVE-2025-53342 - WordPress Modernize Theme <= 3.4.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize modernize allows Stored XSS.This issue affects Modernize: from n/a through <= 3.4.0.
4.3
CVE-2025-53343 - WordPress Modernize Theme <= 3.4.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through <= 3.4.0.
4.3
CVE-2025-53347 - WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through <= 3.18.3.
7.1
CVE-2025-53575 - WordPress Primer MyData for Woocommerce Plugin <= 4.2.5 - Cross Site Request Forgery (CSRF) Vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in primersoftware Primer MyData for Woocommerce primer-mydata allows Reflected XSS.This issue affects Primer MyData for Woocommerce: from n/a through <= 4.2.5.