6.5

CVSS3.1

CVE-2025-24764 - WordPress (Simply) Guest Author Name plugin <= 4.36 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A. Jones (Simply) Guest Author Name guest-author-name allows DOM-Based XSS. This issue affects (Simply) Guest Author Name: from n/a through <= 4.36.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 2:03 p.m.

5.3

CVSS3.1

CVE-2025-24757 - WordPress uDesign theme <= 4.11.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in AndonDesign uDesign udesign. This issue affects uDesign: from n/a through <= 4.11.2.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 3:25 p.m.

5.3

CVSS3.1

CVE-2025-24748 - WordPress Avada theme <= 7.11.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeFusion Avada avada. This issue affects Avada: from n/a through <= 7.11.10.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 3:25 p.m.

5.9

CVSS3.1

CVE-2025-24735 - WordPress Chatra Live Chat + ChatBot + Cart Saver plugin <= 1.0.11 - Cross Site Scripting (XSS) Vul…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chatra Chatra Live Chat + ChatBot + Cart Saver allows Stored XSS. This issue affects Chatra Live Chat + ChatBot + Cart Saver: from n/a through 1.0.11.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2025-23972 - WordPress Contact Form 7 reCAPTCHA plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Brian S. Reed Contact Form 7 reCAPTCHA contact-form-7-recaptcha allows Cross Site Request Forgery. This issue affects Contact Form 7 reCAPTCHA: from n/a through <= 1.2.0.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 3:24 p.m.

4.3

CVSS3.1

CVE-2025-53569 - WordPress Trust Payments Gateway for WooCommerce (JavaScript Library) plugin <= 1.3.6 - Cross Site …

Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trust Payments Gateway for WooCommerce (JavaScript Library) trust-payments-gateway-3ds2 allows Cross Site Request Forgery. This issue affects Trust Payments Gateway for WooCommerce (JavaScript Library): from n/a through <= 1.3.6.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 3:32 p.m.

4.3

CVSS3.1

CVE-2025-53568 - WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station radio-station allows Cross Site Request Forgery. This issue affects Radio Station: from n/a through <= 2.5.12.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 3:32 p.m.

6.5

CVSS3.1

CVE-2025-53566 - WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 7.8 - Cross Site Scripting (XSS) Vuln…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Stored XSS. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 7.8.

📅 Published: July 4, 2025, 8:42 a.m. 🔄 Last Modified: April 23, 2026, 2:13 p.m.

6.5

CVSS3.1

CVE-2024-9453 - Jenkins-image: sensitive data disclosure when using openshift jenkins image

A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if they…

📅 Published: July 4, 2025, 8:31 a.m. 🔄 Last Modified: Dec. 12, 2025, 1:46 p.m.

5.3

CVSS4.0

CVE-2025-32918 - Livestatus injection in autocomplete endpoint

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.

📅 Published: July 4, 2025, 8:12 a.m. 🔄 Last Modified: Aug. 22, 2025, 1:29 p.m.