8.8
CVE-2025-47624 - WordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1.
4.8
CVE-2025-47623 - WordPress Easy PayPal Buy Now Button plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Easy PayPal Buy Now Button wp-ecommerce-paypal allows Stored XSS.This issue affects Easy PayPal Buy Now Button: from n/a through <= 2.0.
0.0
CVE-2025-47622 - WordPress Email Notification on Login plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Email Notification on Login email-notification-on-login allows Stored XSS.This issue affects Email Notification on Login: from n/a through <= 1.7.0.
0.0
CVE-2025-47621 - WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through <= 1.3.6.
0.0
CVE-2025-47620 - WordPress Martins Free Monetized Ad Exchange Network plugin <= 1.0.6 - Cross Site Request Forgery (β¦
Cross-Site Request Forgery (CSRF) vulnerability in bundgaard Martins Free Monetized Ad Exchange Network martins-free-and-easy-ad-network-get-more-visitors allows Reflected XSS.This issue affects Martins Free Monetized Ad Exchange Network: from n/a through <= 1.0.6.
0.0
CVE-2025-47617 - WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Stored XSS.This issue affects WP Front User Submit / Front Editor: from n/a through <= 5.0.6.
0.0
CVE-2025-47616 - WordPress aBlocks plugin <= 1.9.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kodezen LLC aBlocks ablocks allows Stored XSS.This issue affects aBlocks: from n/a through <= 1.9.2.
0.0
CVE-2025-47615 - WordPress Amazon Product in a Post plugin <= 5.2.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flowdee Amazon Product in a Post amazon-product-in-a-post-plugin allows Stored XSS.This issue affects Amazon Product in a Post: from n/a through <= 5.2.2.
0.0
CVE-2025-47614 - WordPress LessButtons Social Sharing and Statistics plugin <= 1.6.1 - Cross Site Request Forgery (Cβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Chris Clark LessButtons Social Sharing and Statistics lessbuttons allows Cross Site Request Forgery.This issue affects LessButtons Social Sharing and Statistics: from n/a through <= 1.6.1.
8.8
CVE-2025-47612 - WordPress ClickWhale plugin <= 2.4.6 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ClickWhale ClickWhale clickwhale allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ClickWhale: from n/a through <= 2.4.6.