0.0
CVE-2025-32606 - WordPress Listings for Buildium plugin <= 0.1.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Buildium listings-for-buildium allows Stored XSS.This issue affects Listings for Buildium: from n/a through <= 0.1.5.
0.0
CVE-2025-32608 - WordPress Movylo Marketing Automation Plugin <= 2.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Movylo Movylo Marketing Automation movylo-widget allows Reflected XSS.This issue affects Movylo Marketing Automation: from n/a through <= 2.0.7.
0.0
CVE-2025-32609 - WordPress Verowa Connect Plugin <= 3.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Reflected XSS.This issue affects Verowa Connect: from n/a through <= 3.0.4.
0.0
CVE-2025-32611 - WordPress WooCommerce TBC Credit Card Payment Gateway (Free) Plugin <= 2.0.0 - Reflected Cross Siteβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in We Are De WooCommerce TBC Credit Card Payment Gateway (Free) woo-tbc-payment-gateway allows Reflected XSS.This issue affects WooCommerce TBC Credit Card Payment Gateway (Free): from n/a through <= β¦
0.0
CVE-2025-32613 - WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through <= 2.3.4.
0.0
CVE-2025-32615 - WordPress Clinked Client Portal Plugin <= 1.10 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Clinked Clinked Client Portal clinked-client-portal allows Reflected XSS.This issue affects Clinked Client Portal: from n/a through <= 1.10.
0.0
CVE-2025-32620 - WordPress Doppler Forms plugin <= 2.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through <= 2.4.6.
0.0
CVE-2025-32622 - WordPress OTP-less one tap Sign in Plugin <= 2.0.58 - Reflected Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTP-less OTP-less one tap Sign in otpless allows Reflected XSS.This issue affects OTP-less one tap Sign in: from n/a through <= 2.0.58.
0.0
CVE-2025-32625 - WordPress Mobile Blocks Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pootlepress Mobile Pages mobile-pages allows Reflected XSS.This issue affects Mobile Pages: from n/a through <= 1.0.2.
9.8
CVE-2025-32626 - WordPress JS Job Manager plugin <= 2.0.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Job Manager js-jobs allows SQL Injection.This issue affects JS Job Manager: from n/a through <= 2.0.2.