0.0
CVE-2025-39581 - WordPress Themify Shortcodes plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Shortcodes themify-shortcodes allows Stored XSS.This issue affects Themify Shortcodes: from n/a through <= 2.1.3.
0.0
CVE-2025-39582 - WordPress WP Data Access plugin <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Passionate Programmer Peter WP Data Access wp-data-access allows DOM-Based XSS.This issue affects WP Data Access: from n/a through <= 5.5.36.
0.0
CVE-2025-39584 - WordPress Eventin plugin <= 4.0.25 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin wp-event-solution allows PHP Local File Inclusion.This issue affects Eventin: from n/a through <= 4.0.25.
0.0
CVE-2025-39585 - WordPress Travelfic Toolkit plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Travelfic Toolkit travelfic-toolkit allows Stored XSS.This issue affects Travelfic Toolkit: from n/a through <= 1.2.1.
0.0
CVE-2025-39589 - WordPress Essential Addons for Elementor plugin <= 6.1.9 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.
0.0
CVE-2025-39590 - WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.
0.0
CVE-2025-39591 - WordPress WP Subscription Forms plugin <= 1.2.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through <= 1.2.3.
0.0
CVE-2025-39592 - WordPress Subscribe to Unlock Lite plugin <= 1.3.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through <= 1.3.0.
0.0
CVE-2025-39593 - WordPress Ever Accounting plugin <= 2.1.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever Accounting wp-ever-accounting allows Cross Site Request Forgery.This issue affects Ever Accounting: from n/a through <= 2.1.5.
0.0
CVE-2025-39597 - WordPress Fast eBay Listings plugin <= 2.12.15 - Open Redirection Vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Arthur Yarwood Fast eBay Listings fast-ebay-listings allows Phishing.This issue affects Fast eBay Listings: from n/a through <= 2.12.15.