0.0
CVE-2025-39516 - WordPress Author WIP Progress Bar plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alan Petersen Author WIP Progress Bar author-work-in-progress-bar allows DOM-Based XSS.This issue affects Author WIP Progress Bar: from n/a through <= 1.0.
0.0
CVE-2025-39517 - WordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settingsβ¦
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map basic-interactive-world-map allows Cross Site Request Forgery.This issue affects Basic Interactive World Map: from n/a through <= 2.7.
0.0
CVE-2025-39518 - WordPress BMA Lite plugin <= 1.4.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RedefiningTheWeb BMA Lite bma-lite-appointment-booking-and-scheduling allows SQL Injection.This issue affects BMA Lite: from n/a through <= 1.4.2.
0.0
CVE-2025-39520 - WordPress Checkout Files Upload for WooCommerce plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham Checkout Files Upload for WooCommerce checkout-files-upload-woocommerce allows Stored XSS.This issue affects Checkout Files Upload for WooCommerce: from n/a through <= 2.2.0.
0.0
CVE-2025-39522 - WordPress Dynamic Post plugin <= 5.03 - Settings Change vulnerability
Missing Authorization vulnerability in Service2Client LLC Dynamic Post dynamic-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Post: from n/a through <= 5.03.
0.0
CVE-2025-39524 - WordPress Html5 Audio Player plugin <= 2.2.28 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through <= 2.2.28.
0.0
CVE-2025-39525 - WordPress Logo Carousel Slider plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Logo Carousel Slider logo-carousel-slider allows Stored XSS.This issue affects Logo Carousel Slider: from n/a through <= 2.1.3.
5.4
CVE-2025-39528 - WordPress Rescue Shortcodes plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes rescue-shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a through <= 3.1.
0.0
CVE-2025-39529 - WordPress Scriptless Social Sharing plugin <= 3.3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robin Cornett Scriptless Social Sharing scriptless-social-sharing allows Stored XSS.This issue affects Scriptless Social Sharing: from n/a through <= 3.3.0.
0.0
CVE-2025-39530 - WordPress Site Search 360 plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) to stored XSS vulneraβ¦
Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through <= 2.1.8.