9.8
CVE-2025-31380 - WordPress Paid Videochat Turnkey Site plugin <= 7.3.11 - Broken Authentication Vulnerability
Weak Password Recovery Mechanism for Forgotten Password vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Password Recovery Exploitation.This issue affects Paid Videochat Turnkey Site: from n/a through <= 7.3.11.
7.1
CVE-2025-32490 - WordPress wp secure plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebsiteDefender wp secure wp-secure-by-sitesecuritymonitorcom allows Stored XSS.This issue affects wp secure: from n/a through <= 1.2.
7.1
CVE-2025-32504 - WordPress Silvasoft boekhouden plugin <= 3.0.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silvasoft Silvasoft boekhouden silvasoft-boekhouden allows Reflected XSS.This issue affects Silvasoft boekhouden: from n/a through <= 3.0.6.
7.1
CVE-2025-32506 - WordPress AT Internet SmartTag plugin <= 0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BenDlz AT Internet SmartTag at-internet allows Reflected XSS.This issue affects AT Internet SmartTag: from n/a through <= 0.2.
7.1
CVE-2025-32507 - WordPress Event Espresso plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aakif Kadiwala Event Espresso β Custom Email Template Shortcode email-shortcode allows Reflected XSS.This issue affects Event Espresso β Custom Email Template Shortcode: from n/a through <= 1.0.0.
7.1
CVE-2025-32508 - WordPress Course Booking System plugin <= 6.1.2 - Reflected Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ComMotion Course Booking System course-booking-system allows Reflected XSS.This issue affects Course Booking System: from n/a through <= 6.1.2.
7.1
CVE-2025-32511 - WordPress Make Email Customizer for WooCommerce plugin <= 1.0.6 - Reflected Cross Site Scripting (Xβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Excellent Dynamics Make Email Customizer for WooCommerce make-email-customizer-for-woocommerce allows Reflected XSS.This issue affects Make Email Customizer for WooCommerce: from n/a through <= 1.0β¦
7.1
CVE-2025-32512 - WordPress Revamp CRM for WooCommerce plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in revampcrm Revamp CRM for WooCommerce revampcrm-woocommerce allows Reflected XSS.This issue affects Revamp CRM for WooCommerce: from n/a through <= 1.1.2.
7.1
CVE-2025-32513 - WordPress Total processing card payments for WooCommerce plugin <= 7.1.6 - Reflected Cross Site Scrβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in totalprocessing Nomupay Payment Processing Gateway totalprocessing-card-payments allows Reflected XSS.This issue affects Nomupay Payment Processing Gateway: from n/a through <= 7.1.6.
7.1
CVE-2025-32514 - WordPress WooCommerce Estimate and Quote plugin <= 1.0.2.5 - Reflected Cross Site Scripting (XSS) vβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cscode WooCommerce Estimate and Quote wc-estimate-and-quote allows Reflected XSS.This issue affects WooCommerce Estimate and Quote: from n/a through <= 1.0.2.5.