0.0
CVE-2025-39576 - WordPress WPAdverts plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts wpadverts allows Stored XSS.This issue affects WPAdverts: from n/a through <= 2.2.1.
0.0
CVE-2025-39577 - WordPress PropertyHive plugin <= 2.1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Property Hive PropertyHive propertyhive allows Stored XSS.This issue affects PropertyHive: from n/a through <= 2.1.2.
0.0
CVE-2025-39578 - WordPress Responsive Blocks plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows Stored XSS.This issue affects Responsive Blocks: from n/a through <= 2.0.2.
0.0
CVE-2025-39579 - WordPress Membership For WooCommerce plugin <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through <= 2.8.0.
0.0
CVE-2025-39581 - WordPress Themify Shortcodes plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Shortcodes themify-shortcodes allows Stored XSS.This issue affects Themify Shortcodes: from n/a through <= 2.1.3.
0.0
CVE-2025-39582 - WordPress WP Data Access plugin <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Passionate Programmer Peter WP Data Access wp-data-access allows DOM-Based XSS.This issue affects WP Data Access: from n/a through <= 5.5.36.
0.0
CVE-2025-39584 - WordPress Eventin plugin <= 4.0.25 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin wp-event-solution allows PHP Local File Inclusion.This issue affects Eventin: from n/a through <= 4.0.25.
0.0
CVE-2025-39585 - WordPress Travelfic Toolkit plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Travelfic Toolkit travelfic-toolkit allows Stored XSS.This issue affects Travelfic Toolkit: from n/a through <= 1.2.1.
0.0
CVE-2025-39589 - WordPress Essential Addons for Elementor plugin <= 6.1.9 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.
0.0
CVE-2025-39590 - WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.