0.0
CVE-2025-39590 - WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.
0.0
CVE-2025-39591 - WordPress WP Subscription Forms plugin <= 1.2.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through <= 1.2.3.
0.0
CVE-2025-39592 - WordPress Subscribe to Unlock Lite plugin <= 1.3.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through <= 1.3.0.
0.0
CVE-2025-39593 - WordPress Ever Accounting plugin <= 2.1.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever Accounting wp-ever-accounting allows Cross Site Request Forgery.This issue affects Ever Accounting: from n/a through <= 2.1.5.
0.0
CVE-2025-39597 - WordPress Fast eBay Listings plugin <= 2.12.15 - Open Redirection Vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Arthur Yarwood Fast eBay Listings fast-ebay-listings allows Phishing.This issue affects Fast eBay Listings: from n/a through <= 2.12.15.
0.0
CVE-2025-39598 - WordPress Administrator Z plugin <= 2025.03.28 - Directory Traversal Vulnerability
Path Traversal: '.../...//' vulnerability in Quรฝ Lรช 91 Administrator Z administrator-z allows Path Traversal.This issue affects Administrator Z: from n/a through <= 2025.03.28.
0.0
CVE-2025-39599 - WordPress Listdom plugin <= 4.0.0 - Open Redirection Vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Webilia Inc. Listdom listdom allows Phishing.This issue affects Listdom: from n/a through <= 4.0.0.
0.0
CVE-2025-39600 - WordPress Integration for WooCommerce and QuickBooks plugin <= 1.3.1 - Cross Site Request Forgery (โฆ
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for WooCommerce and QuickBooks wp-woocommerce-quickbooks allows Cross Site Request Forgery.This issue affects Integration for WooCommerce and QuickBooks: from n/a through <= 1.3.1.
0.0
CVE-2025-39601 - WordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through <= 2.4.1.
0.0
CVE-2025-39602 - WordPress WooCommerce Product Table Lite plugin <= 3.9.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WC Product Table WooCommerce Product Table Lite wc-product-table-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Product Table Lite: from n/a through <= 3.9.5.