5.4
CVE-2025-50010 - WordPress Zapier for WordPress plugin <= 1.5.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Zapier Zapier for WordPress zapier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zapier for WordPress: from n/a through <= 1.5.2.
5.9
CVE-2025-50011 - WordPress plugin Recipes manager - WPH <=1.0.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FΓ©lix MartΓnez Recipes manager - WPH allows Stored XSS. This issue affects Recipes manager - WPH: from n/a through 1.0.4.
5.9
CVE-2025-50012 - WordPress Inventory Presser plugin <= 15.2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fridaysystems Inventory Presser inventory-presser allows Stored XSS.This issue affects Inventory Presser: from n/a through <= 15.2.6.
5.9
CVE-2025-50013 - WordPress CSV Importer Improved plugin <= 0.6.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Judge CSV Importer Improved csv-importer-improved allows Stored XSS.This issue affects CSV Importer Improved: from n/a through <= 0.6.1.
5.9
CVE-2025-50014 - WordPress PDPA Consent for Thailand plugin <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan PDPA Consent for Thailand pdpa-consent allows Stored XSS.This issue affects PDPA Consent for Thailand: from n/a through <= 1.1.1.
5.9
CVE-2025-50015 - WordPress Hand Talk plugin <= 6.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rodrigo Bastos Hand Talk handtalk allows Stored XSS.This issue affects Hand Talk: from n/a through <= 6.1.
5.9
CVE-2025-50016 - WordPress IP Based Login plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brijeshk89 IP Based Login ip-based-login allows Stored XSS.This issue affects IP Based Login: from n/a through <= 2.4.2.
5.9
CVE-2025-50017 - WordPress WP Voting Contest plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through <= 5.8.
5.9
CVE-2025-50018 - WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through <= 2.1.20.
5.9
CVE-2025-50019 - WordPress Simple Sticky Footer plugin <= 1.3.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sandor Kovacs Simple Sticky Footer simple-sticky-footer allows Stored XSS.This issue affects Simple Sticky Footer : from n/a through <= 1.3.5.