0.0
CVE-2025-32586 - WordPress ABA PayWay Payment Gateway for WooCommerce Plugin <= 2.1.4 - Reflected Cross Site Scriptiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ABA Bank ABA PayWay Payment Gateway for WooCommerce aba-payway-woocommerce-payment-gateway allows Reflected XSS.This issue affects ABA PayWay Payment Gateway for WooCommerce: from n/a through <= 2.β¦
0.0
CVE-2025-32585 - WordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerability
Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through <= 1.2.
0.0
CVE-2025-32579 - WordPress Sync Posts Plugin <= 1.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through <= 1.0.
0.0
CVE-2025-32577 - WordPress Build App Online Plugin <= 1.0.23 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hakeemnala Build App Online build-app-online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through <= 1.0.23.
0.0
CVE-2025-32569 - WordPress TableOn plugin <= 1.0.4.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in RealMag777 TableOn posts-table-filterable allows Object Injection.This issue affects TableOn: from n/a through <= 1.0.4.3.
0.0
CVE-2025-32568 - WordPress EmpikPlace for Woocommerce Plugin <= 1.4.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in empik EmpikPlace for Woocommerce empik-for-woocommerce allows Object Injection.This issue affects EmpikPlace for Woocommerce: from n/a through <= 1.4.3.
0.0
CVE-2025-32567 - WordPress Easy Post Duplicator Plugin <= 1.0.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in dev02ali Easy Post Duplicator easy-post-duplicator allows SQL Injection.This issue affects Easy Post Duplicator: from n/a through <= 1.0.1.
0.0
CVE-2025-32565 - WordPress Neon Product Designer Plugin <= 2.2.0 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vertim Neon Product Designer neon-product-designer-for-woocommerce allows SQL Injection.This issue affects Neon Product Designer: from n/a through <= 2.2.0.
0.0
CVE-2025-32558 - WordPress Duplicate Title Checker Plugin <= 1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ketanajani Duplicate Title Checker duplicate-title-checker allows Blind SQL Injection.This issue affects Duplicate Title Checker: from n/a through <= 1.2.
0.0
CVE-2025-32553 - WordPress RestroPres plugin <= 3.2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magnigenie RestroPress restropress allows Reflected XSS.This issue affects RestroPress: from n/a through <= 3.2.8.4.