8.8
CVE-2025-32149 - WordPress teachPress plugin <= 9.0.11 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in winkm89 teachPress teachpress allows SQL Injection.This issue affects teachPress: from n/a through <= 9.0.11.
0.0
CVE-2025-32148 - WordPress Daisycon prijsvergelijkers plugin <= 4.8.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daisycon Daisycon prijsvergelijkers daisycon allows SQL Injection.This issue affects Daisycon prijsvergelijkers: from n/a through <= 4.8.4.
0.0
CVE-2025-32147 - WordPress Easy WP Optimizer Plugin <= 1.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in coothemes Easy WP Optimizer easy-wp-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy WP Optimizer: from n/a through <= 1.1.0.
0.0
CVE-2025-32146 - WordPress JS Job Manager plugin <= 2.0.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager js-jobs allows PHP Local File Inclusion.This issue affects JS Job Manager: from n/a through <= 2.0.2.
0.0
CVE-2025-32142 - WordPress Motors plugin <= 1.4.71 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors motors-car-dealership-classified-listings allows PHP Local File Inclusion.This issue affects Motors: from n/a through <= 1.4.71.
0.0
CVE-2025-32141 - WordPress MasterStudy LMS plugin <= 3.5.28 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows PHP Local File Inclusion.This issue affects MasterStudy LMS: from n/a through <= 3.5.28.
0.0
CVE-2025-32138 - WordPress Easy Google Maps plugin <= 1.11.18 - XML External Entity vulnerability
Improper Restriction of XML External Entity Reference vulnerability in supsystic Easy Google Maps google-maps-easy allows XML Injection.This issue affects Easy Google Maps: from n/a through <= 1.11.18.
0.0
CVE-2025-32137 - WordPress s2Member plugin <= 250419 - Local File Inclusion vulnerability
Relative Path Traversal vulnerability in CristiΓ‘n LΓ‘vaque s2Member s2member allows Path Traversal.This issue affects s2Member: from n/a through <= 250419.
0.0
CVE-2025-32136 - WordPress ActiveCampaign Plugin <= 8.1.16 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activecampaign ActiveCampaign activecampaign-subscription-forms allows Stored XSS.This issue affects ActiveCampaign: from n/a through <= 8.1.16.
0.0
CVE-2025-32135 - WordPress Split Test For Elementor plugin <= 1.8.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows Stored XSS.This issue affects Split Test For Elementor: from n/a through <= 1.8.4.