0.0
CVE-2025-27337 - WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through <= 0.4.14.
0.0
CVE-2025-27338 - WordPress List Urls Plugin <= 0.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in graphems List Urls list-urls allows Reflected XSS.This issue affects List Urls: from n/a through <= 0.2.
0.0
CVE-2025-27343 - WordPress WooCommerce HTML5 Video Plugin <= 1.7.10 - Reflected Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop WooCommerce HTML5 Video woocommerce-html5-video allows Reflected XSS.This issue affects WooCommerce HTML5 Video: from n/a through <= 1.7.10.
0.0
CVE-2025-27345 - WordPress Booking Ultra Pro Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Reflected XSS.This issue affects Booking Ultra Pro: from n/a through <= 1.1.19.
0.0
CVE-2025-27346 - WordPress Rebuild Permalinks Plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gerrygooner Rebuild Permalinks rebuild-permalinks allows Reflected XSS.This issue affects Rebuild Permalinks: from n/a through <= 1.6.
0.0
CVE-2025-27354 - WordPress Simple Email Subscriber plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phil88530 Simple Email Subscriber simple-email-subscriber allows Reflected XSS.This issue affects Simple Email Subscriber: from n/a through <= 2.3.
0.0
CVE-2025-31006 - WordPress Activity Reactions For Buddypress plugin <= 1.0.22 - Reflected Cross Site Scripting (XSS)β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arete-it Activity Reactions For Buddypress activity-reactions-for-buddypress allows Reflected XSS.This issue affects Activity Reactions For Buddypress: from n/a through <= 1.0.22.
0.0
CVE-2025-31018 - WordPress FireDrum Email Marketing plugin <= 1.64 - Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FireDrum FireDrum Email Marketing firedrum-email-marketing allows Reflected XSS.This issue affects FireDrum Email Marketing: from n/a through <= 1.64.
0.0
CVE-2025-31030 - WordPress Ray Enterprise Translation plugin <= 1.7.0 - Local File Inclusion via CSRF Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.0.
0.0
CVE-2025-31380 - WordPress Paid Videochat Turnkey Site plugin <= 7.3.11 - Broken Authentication Vulnerability
Weak Password Recovery Mechanism for Forgotten Password vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Password Recovery Exploitation.This issue affects Paid Videochat Turnkey Site: from n/a through <= 7.3.11.