6.5
CVE-2025-47679 - WordPress RS WP Book Showcase plugin <= 6.7.59 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RS WP THEMES RS WP Book Showcase rs-wp-books-showcase allows DOM-Based XSS.This issue affects RS WP Book Showcase: from n/a through <= 6.7.59.
6.5
CVE-2025-47677 - WordPress Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery plugin <= 2.7.7.25 - Cross Siโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery gt3-photo-video-gallery allows Stored XSS.This issue affects Photo Gallery: from n/a through <= 2.7.7.25.
6.5
CVE-2025-47676 - WordPress User Login History plugin <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through <= 2.1.6.
6.5
CVE-2025-47675 - WordPress Woobox plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox woobox allows DOM-Based XSS.This issue affects Woobox: from n/a through <= 1.6.
4.3
CVE-2025-47674 - WordPress Credova_Financial plugin <= 2.5.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Credova Financial Credova_Financial credova-financial allows Cross Site Request Forgery.This issue affects Credova_Financial: from n/a through <= 2.5.0.
6.5
CVE-2025-47669 - WordPress CBX Map for Google Map & OpenStreetMap plugin <= 1.1.12 - Cross Site Scripting (XSS) Vulnโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through <= 1.1.12.
5.9
CVE-2025-47668 - WordPress CookieCode plugin <= 2.4.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode cookiecode allows Stored XSS.This issue affects CookieCode: from n/a through <= 2.4.4.
5.4
CVE-2025-47667 - WordPress LiveAgent plugin <= 4.4.7 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in qusupport LiveAgent liveagent allows Cross Site Request Forgery.This issue affects LiveAgent: from n/a through <= 4.4.7.
5.9
CVE-2025-47665 - WordPress N360 | Splash Screen plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 | Splash Screen n360-splash-screen allows Stored XSS.This issue affects N360 | Splash Screen: from n/a through <= 1.0.6.
4.4
CVE-2025-47664 - WordPress WP Pipes <= 1.4.2 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in ThimPress WP Pipes allows Server Side Request Forgery. This issue affects WP Pipes: from n/a through 1.4.2.