7.1
CVE-2025-52791 - WordPress Knowledge Base β Knowledge Base Maker plugin <= 1.1.8 - Cross Site Request Forgery (CSRF)β¦
Cross-Site Request Forgery (CSRF) vulnerability in devfelixmoira Knowledge Base β Knowledge Base Maker knowledge-base-maker allows Stored XSS.This issue affects Knowledge Base β Knowledge Base Maker: from n/a through <= 1.1.8.
7.1
CVE-2025-52792 - WordPress WP User Stylesheet Switcher plugin <= v2.2.0 - Cross Site Request Forgery (CSRF) Vulnerabβ¦
Cross-Site Request Forgery (CSRF) vulnerability in vgstef WP User Stylesheet Switcher wp-user-stylesheet-switcher allows Stored XSS.This issue affects WP User Stylesheet Switcher: from n/a through <= v2.2.0.
7.1
CVE-2025-52793 - WordPress Esselink.nu Settings plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Esselink.nu Esselink.nu Settings esselinknu-settings allows Reflected XSS.This issue affects Esselink.nu Settings: from n/a through <= 4.5.
7.1
CVE-2025-52794 - WordPress Creative Contact Form plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through <= 1.0.0.
7.1
CVE-2025-52795 - WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Request Forgery (CSRF) vβ¦
Cross-Site Request Forgery (CSRF) vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through <= 5.0.6.
7.5
CVE-2025-52802 - WordPress Import YouTube videos as WP Posts plugin <= 2.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts import-youtube-videos-as-wp-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import YouTube videos as WP Posts: from n/a through <= 2.1.
8.5
CVE-2025-52821 - WordPress Video List Manager plugin <= 1.7 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7.
8.5
CVE-2025-52822 - WordPress WP Roadmap plugin <= 2.1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WP Roadmap wp-roadmap allows SQL Injection.This issue affects WP Roadmap: from n/a through <= 2.1.3.
8.8
CVE-2025-52825 - WordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Privilege Escalation.This issue affects Real Estate Manager: from n/a through <= 7.3.
6.5
CVE-2025-52733 - WordPress ANON::form embedded secure form plugin <= 1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anonform Ab ANON::form embedded secure form anonform-embedded-secure-form allows DOM-Based XSS.This issue affects ANON::form embedded secure form: from n/a through <= 1.7.