0.0
CVE-2025-32129 - WordPress Welcome Bar plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Risk Mitigation, Inc. Welcome Bar intelly-welcome-bar allows Stored XSS.This issue affects Welcome Bar: from n/a through <= 2.0.4.
0.0
CVE-2025-32127 - WordPress onOffice for WP-Websites plugin <= 5.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows SQL Injection.This issue affects onOffice for WP-Websites: from n/a through <= 5.7.
0.0
CVE-2025-32126 - WordPress Pay with Contact Form 7 Plugin <= 1.0.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows SQL Injection.This issue affects Pay with Contact Form 7: from n/a through <= 1.0.4.
0.0
CVE-2025-32125 - WordPress Silvasoft boekhouden plugin <= 3.0.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silvasoft Silvasoft boekhouden silvasoft-boekhouden allows SQL Injection.This issue affects Silvasoft boekhouden: from n/a through <= 3.0.6.
0.0
CVE-2025-32124 - WordPress Behance Portfolio Manager plugin <= 1.7.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eleopard Behance Portfolio Manager portfolio-manager-powered-by-behance allows Blind SQL Injection.This issue affects Behance Portfolio Manager: from n/a through <= 1.7.5.
0.0
CVE-2025-32122 - WordPress uListing plugin <= 2.2.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing ulisting allows Blind SQL Injection.This issue affects uListing: from n/a through <= 2.2.0.
0.0
CVE-2025-32121 - WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member gallery-for-ultimate-member allows SQL Injection.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through <= 1.1.3.
0.0
CVE-2025-32120 - WordPress Easy Query β WP Query Builder plugin <= 2.0.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in edanzer Easy Query β WP Query Builder easy-query allows Blind SQL Injection.This issue affects Easy Query β WP Query Builder: from n/a through <= 2.0.4.
0.0
CVE-2025-32118 - WordPress CMP β Coming Soon & Maintenance plugin <= 4.1.14 - Remote Code Execution (RCE) vulnerabilβ¦
Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP β Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP β Coming Soon & Maintenance: from n/a through <= 4.1.14.
0.0
CVE-2025-32113 - WordPress Libro de Reclamaciones y Quejas plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through <= 1.0.