0.0
CVE-2025-48264 - WordPress Product Code for WooCommerce plugin <= 1.5.0 - CSRF to Database Update vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in artiosmedia Product Code for WooCommerce product-code-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Code for WooCommerce: from n/a through <= 1.5.0.
5.4
CVE-2025-48263 - WordPress MultiVendorX plugin <= 4.2.22 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Stored XSS.This issue affects MultiVendorX: from n/a through <= 4.2.22.
0.0
CVE-2025-48262 - WordPress Url Rewrite Analyzer plugin <= 1.3.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in M.Code Url Rewrite Analyzer url-rewrite-analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Url Rewrite Analyzer: from n/a through <= 1.3.3.
0.0
CVE-2025-48260 - WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through <= 2.7.3.
0.0
CVE-2025-48259 - WordPress WP Mapa Politico EspaΓ±a plugin <= 3.8.0 - Cross Site Request Forgery (CSRF) to Settings Cβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico EspaΓ±a wp-mapa-politico-spain allows Cross Site Request Forgery.This issue affects WP Mapa Politico EspaΓ±a: from n/a through <= 3.8.0.
0.0
CVE-2025-48258 - WordPress Mega Menu Block plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jetmonsters Mega Menu Block getwid-megamenu allows Stored XSS.This issue affects Mega Menu Block: from n/a through <= 1.0.6.
0.0
CVE-2025-48257 - WordPress Projectopia plugin <= 5.1.17 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Projectopia Projectopia projectopia-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Projectopia: from n/a through <= 5.1.17.
5.4
CVE-2025-48256 - WordPress Import Social Events plugin <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through <= 1.8.5.
8.8
CVE-2025-48255 - WordPress Broadcast Live Video β Live Streaming : WebRTC, HLS, RTSP, RTMP plugin <= 6.2.4 - Cross Sβ¦
Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Cross Site Request Forgery.This issue affects Broadcast Live Video: from n/a through <= 6.2.4.
5.4
CVE-2025-48254 - WordPress Change Add to Cart Button Text for WooCommerce plugin <= 2.2.2 - Cross Site Scripting (XSβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a throβ¦