0.0
CVE-2025-27299 - WordPress MyTicket Events plugin <= 1.2.4 - Non-Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Asia MyTicket Events myticket-events allows Path Traversal.This issue affects MyTicket Events: from n/a through <= 1.2.4.
0.0
CVE-2025-27302 - WordPress CHATLIVE plugin <= 2.0.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Claudio Adrian Marrero CHATLIVE chatlive allows SQL Injection.This issue affects CHATLIVE: from n/a through <= 2.0.1.
0.0
CVE-2025-27308 - WordPress WP Video Posts plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmstactics WP Video Posts wp-video-posts allows Reflected XSS.This issue affects WP Video Posts: from n/a through <= 3.5.1.
0.0
CVE-2025-27309 - WordPress flickr-slideshow-wrapper Plugin <= 5.4.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeannot Muller flickr-slideshow-wrapper flickr-slideshow-wrapper allows Stored XSS.This issue affects flickr-slideshow-wrapper: from n/a through <= 5.4.6.
0.0
CVE-2025-27310 - WordPress Page and Post Lister plugin <= 1.2.1 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in Radius of Thought Page and Post Lister page-and-post-lister allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page and Post Lister: from n/a through <= 1.2.1.
0.0
CVE-2025-27313 - WordPress Google Maps GPX Viewer Plugin <= 3.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bernd Altmeier Google Maps GPX Viewer google-maps-gpx-viewer allows Reflected XSS.This issue affects Google Maps GPX Viewer: from n/a through <= 3.6.
0.0
CVE-2025-27314 - WordPress Kush Micro News Plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kush Sharma Kush Micro News kush-micro-news allows Stored XSS.This issue affects Kush Micro News: from n/a through <= 1.6.7.
0.0
CVE-2025-27319 - WordPress User List plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivan82 User List user-list allows Reflected XSS.This issue affects User List: from n/a through <= 1.5.1.
0.0
CVE-2025-27322 - WordPress QR Code for WooCommerce Plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bappa Mal QR Code for WooCommerce wc-qr-codes allows Reflected XSS.This issue affects QR Code for WooCommerce: from n/a through <= 1.2.0.
0.0
CVE-2025-27324 - WordPress 17TRACK for WooCommerce Plugin <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce 17track allows Reflected XSS.This issue affects 17TRACK for WooCommerce: from n/a through <= 1.2.10.