0.0
CVE-2025-53282 - WordPress Thumbnail Editor plugin <= 2.3.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Thumbnail Editor thumbnail-editor allows Stored XSS.This issue affects Thumbnail Editor: from n/a through <= 2.3.3.
0.0
CVE-2025-53281 - WordPress WPB Category Slider for WooCommerce plugin <= 1.71 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPBean WPB Category Slider for WooCommerce wpb-woocommerce-category-slider allows PHP Local File Inclusion.This issue affects WPB Category Slider for WooCommerce: from n/a througβ¦
0.0
CVE-2025-53280 - WordPress Football Pool plugin <= 2.12.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool football-pool allows Stored XSS.This issue affects Football Pool: from n/a through <= 2.12.5.
0.0
CVE-2025-53279 - WordPress Popup addon for Ninja Forms plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through <= 3.4.
0.0
CVE-2025-53278 - WordPress WP AdCenter plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter wpadcenter allows Stored XSS.This issue affects WP AdCenter: from n/a through <= 2.6.0.
0.0
CVE-2025-53277 - WordPress IS-theme-companion plugin <= 1.59 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Infigo Software IS-theme-companion weblizar-companion allows Object Injection.This issue affects IS-theme-companion: from n/a through <= 1.59.
0.0
CVE-2025-53276 - WordPress Omnipress plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows DOM-Based XSS.This issue affects Omnipress: from n/a through <= 1.6.4.
0.0
CVE-2025-53275 - WordPress Leyka plugin <= 3.32.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VaultDweller Leyka leyka allows DOM-Based XSS.This issue affects Leyka: from n/a through <= 3.32.1.
0.0
CVE-2025-53274 - WordPress WP Permalink Translator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Hossin Asaadi WP Permalink Translator wp-permalink-translator allows Stored XSS.This issue affects WP Permalink Translator: from n/a through <= 1.7.6.
0.0
CVE-2025-53273 - WordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Slickstream Slickstream slick-engagement allows Cross Site Request Forgery.This issue affects Slickstream: from n/a through <= 2.0.3.