7.1
CVE-2025-47611 - WordPress User Meta plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Khaled User Meta user-meta allows Reflected XSS.This issue affects User Meta: from n/a through <= 3.1.2.
7.1
CVE-2025-47613 - WordPress School Management System for Wordpress plugin <= 92.0.0 - Reflected Cross Site Scripting β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla School Management allows Reflected XSS. This issue affects School Management: from n/a through 92.0.0.
7.1
CVE-2025-47618 - WordPress BMI Adult & Kid Calculator plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mortgage Calculator BMI Adult & Kid Calculator bmi-adultkid-calculator allows Reflected XSS.This issue affects BMI Adult & Kid Calculator: from n/a through <= 1.2.2.
6.5
CVE-2025-47619 - WordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Path Traversal.This issue affects 6Storage Rentals: from n/a through <= 2.20.2.
8.8
CVE-2025-47631 - WordPress Hospital Management System plugin <= 47.0(20-11-2023) - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11.
10
CVE-2025-47637 - WordPress STAGGS plugin <= 2.11.0 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS staggs allows Upload a Web Shell to a Web Server.This issue affects STAGGS: from n/a through <= 2.11.0.
9.3
CVE-2025-47640 - WordPress Printcart Web to Print Product Designer for WooCommerce plugin <= 2.4.0 - SQL Injection Vβ¦
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows SQL Injection.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a thrβ¦
10
CVE-2025-47641 - WordPress Printcart Web to Print Product Designer for WooCommerce plugin <= 2.3.9 - Arbitrary File β¦
Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Upload a Web Shell to a Web Server.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.3.9.
10
CVE-2025-47642 - WordPress Ajar in5 Embed plugin <= 3.1.5 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.5.
0.0
CVE-2025-47646 - WordPress PSW Front-end Login & Registration plugin <= 1.13 - Broken Authentication Vulnerability
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password Recovery Exploitation.This issue affects PSW Front-end Login & Registration: from n/a through <= 1.13.