0.0
CVE-2025-39391 - WordPress Checkout Field Visibility for WooCommerce plugin <= 1.3.0 - Local File Inclusion vulneraβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zamartz Checkout Field Visibility for WooCommerce checkout-field-visibility-for-woocommerce allows PHP Local File Inclusion.This issue affects Checkout Field Visibility for WooCoβ¦
0.0
CVE-2025-39397 - WordPress Anything Popup plugin <= 7.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in [email protected] Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3.
0.0
CVE-2025-39399 - WordPress License For Envato plugin <= 1.0.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License For Envato license-envato allows PHP Local File Inclusion.This issue affects License For Envato: from n/a through <= 1.0.0.
6.1
CVE-2025-39400 - WordPress User Registration plugin < 4.2.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through < 4.2.0.
0.0
CVE-2025-39404 - WordPress Sassy Social Share plugin <= 3.3.73 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share sassy-social-share allows Phishing.This issue affects Sassy Social Share: from n/a through <= 3.3.73.
0.0
CVE-2025-39408 - WordPress BruteGuard β Brute Force Login Protection plugin <= 0.1.4 - Reflected Cross Site Scriptinβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress BruteGuard β Brute Force Login Protection bruteguard allows Reflected XSS.This issue affects BruteGuard β Brute Force Login Protection: from n/a through <= 0.1.4.
0.0
CVE-2025-46264 - WordPress PowerPress Podcasting <= 11.12.5 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in blubrry PowerPress Podcasting powerpress allows Upload a Web Shell to a Web Server.This issue affects PowerPress Podcasting: from n/a through <= 11.12.5.
0.0
CVE-2025-46230 - WordPress Popup Builder plugin <= 1.1.35 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GhozyLab Popup Builder easy-notify-lite allows PHP Local File Inclusion.This issue affects Popup Builder: from n/a through <= 1.1.35.
0.0
CVE-2025-46234 - WordPress Control Listings plugin <= 1.0.4.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Habibur Rahman Razib Control Listings control-listings allows Reflected XSS.This issue affects Control Listings: from n/a through <= 1.0.4.1.
0.0
CVE-2025-46248 - WordPress Frontend Dashboard plugin <= 2.2.5 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in M A Vinoth Kumar Frontend Dashboard frontend-dashboard allows SQL Injection.This issue affects Frontend Dashboard: from n/a through <= 2.2.5.