0.0
CVE-2025-47467 - WordPress GS Testimonial Slider plugin <= 3.3.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in GS Plugins GS Testimonial Slider gs-testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Testimonial Slider: from n/a through <= 3.3.0.
0.0
CVE-2025-47466 - WordPress Ultimate WP Mail plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through <= 1.3.4.
0.0
CVE-2025-47465 - WordPress Blocksy theme <= 2.0.97 - Broken Access Control Vulnerability
Missing Authorization vulnerability in creativethemeshq Blocksy blocksy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blocksy: from n/a through <= 2.0.97.
0.0
CVE-2025-47464 - WordPress Solace Extra plugin <= 1.3.1 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through <= 1.3.1.
0.0
CVE-2025-47462 - WordPress Challan plugin <= 3.7.58 - CSRF to Privilege Escalation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in WebAppick Challan webappick-pdf-invoice-for-woocommerce allows Privilege Escalation.This issue affects Challan: from n/a through <= 3.7.58.
0.0
CVE-2025-47460 - WordPress TrackShip for WooCommerce plugin <= 1.9.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TrackShip TrackShip for WooCommerce trackship-for-woocommerce allows SQL Injection.This issue affects TrackShip for WooCommerce: from n/a through <= 1.9.1.
0.0
CVE-2025-47459 - WordPress WP Fundraising Donation and Crowdfunding Platform plugin <= 1.7.3 - Cross Site Request Foβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through <= 1.7.3.
0.0
CVE-2025-47457 - WordPress LocateAndFilter plugin <= 1.6.16 - Broken Access Control Vulnerability
Missing Authorization vulnerability in dgamoni LocateAndFilter locateandfilter allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LocateAndFilter: from n/a through <= 1.6.16.
0.0
CVE-2025-47456 - WordPress WP Gravity Forms Zendesk plugin <= 1.1.2 - Open Redirection Vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Zendesk gf-zendesk allows Phishing.This issue affects WP Gravity Forms Zendesk: from n/a through <= 1.1.2.
0.0
CVE-2025-47455 - WordPress Integration for WooCommerce and Salesforce plugin <= 1.7.5 - Open Redirection Vulnerabiliβ¦
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Salesforce woo-salesforce-plugin-crm-perks allows Phishing.This issue affects Integration for WooCommerce and Salesforce: from n/a through <= 1.7.5.