0.0
CVE-2025-30773 - WordPress TranslatePress plugin <= 2.9.6 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress translatepress-multilingual allows Object Injection.This issue affects TranslatePress: from n/a through <= 2.9.6.
0.0
CVE-2025-30771 - WordPress WP Cassify plugin <= 2.3.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alain-Aymerick FRANCOIS WP Cassify wp-cassify allows DOM-Based XSS.This issue affects WP Cassify: from n/a through <= 2.3.5.
0.0
CVE-2025-30770 - WordPress Charitable plugin <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable charitable allows DOM-Based XSS.This issue affects Charitable: from n/a through <= 1.8.4.7.
0.0
CVE-2025-30769 - WordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vuβ¦
Cross-Site Request Forgery (CSRF) vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through <= 1.1.7.
0.0
CVE-2025-30772 - WordPress WPC Smart Upsell Funnel for WooCommerce plugin <= 3.0.4 - Arbitrary Option Update to Privβ¦
Missing Authorization vulnerability in WPClever WPC Smart Upsell Funnel for WooCommerce wpc-smart-upsell-funnel allows Privilege Escalation.This issue affects WPC Smart Upsell Funnel for WooCommerce: from n/a through <= 3.0.4.
0.0
CVE-2025-30768 - WordPress jAlbum Bridge plugin <= 2.0.18 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mlaza jAlbum Bridge jalbum-bridge allows Stored XSS.This issue affects jAlbum Bridge: from n/a through <= 2.0.18.
0.0
CVE-2025-30767 - WordPress PDF for WPForms plugin <= 5.3.0 - Arbitrary Shortcode Execution vulnerability
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through <= 5.3.0.
0.0
CVE-2025-30766 - WordPress Happy Addons for Elementor plugin <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows DOM-Based XSS.This issue affects Happy Addons for Elementor: from n/a through <= 3.16.2.
0.0
CVE-2025-30765 - WordPress FlexStock plugin <= 3.13.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPPOOL FlexStock stock-sync-with-google-sheet-for-woocommerce allows Blind SQL Injection.This issue affects FlexStock: from n/a through <= 3.13.1.
0.0
CVE-2025-30764 - WordPress Football Pool plugin <= 2.12.2 - Cross Site Request Forgery (CSRF) to Settings Change vulβ¦
Cross-Site Request Forgery (CSRF) vulnerability in AntoineH Football Pool football-pool allows Cross Site Request Forgery.This issue affects Football Pool: from n/a through <= 2.12.2.