0.0
CVE-2025-30808 - WordPress About Author plugin <= 1.6.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin About Author about-author allows Reflected XSS.This issue affects About Author: from n/a through <= 1.6.2.
0.0
CVE-2025-30802 - WordPress Our Team Members plugin <= 2.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPBean Our Team Members our-team-members.This issue affects Our Team Members: from n/a through <= 2.2.
0.0
CVE-2025-30798 - WordPress Better WishList API plugin <= 1.1.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rickonline_nl Better WishList API better-wlm-api allows Reflected XSS.This issue affects Better WishList API: from n/a through <= 1.1.4.
0.0
CVE-2025-30797 - WordPress Greek Multi Tool โ Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Bโฆ
Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool โ Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool โ Fix peralinks, accents, auto create menus and more: โฆ
0.0
CVE-2025-30796 - WordPress The Ultimate WordPress Toolkit โ WP Extended plugin <= 3.0.14 - Cross Site Scripting (XSSโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit โ WP Extended wpextended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit โ WP Extended: from n/a through <= 3.0.14.
0.0
CVE-2025-30794 - WordPress Event Tickets plugin <= 5.20.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP Event Tickets event-tickets allows Reflected XSS.This issue affects Event Tickets: from n/a through <= 5.20.0.
0.0
CVE-2025-30793 - WordPress Houzez Property Feed plugin <= 2.5.4 - Arbitrary File Download Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Property Hive Houzez Property Feed houzez-property-feed allows Path Traversal.This issue affects Houzez Property Feed: from n/a through <= 2.5.4.
0.0
CVE-2025-30782 - WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through <= 1.2.9.
9.8
CVE-2025-30774 - WordPress Quiz Maker plugin <= 6.6.8.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker quiz-maker allows SQL Injection.This issue affects Quiz Maker: from n/a through <= 6.6.8.7.
0.0
CVE-2025-30622 - WordPress PostMash plugin <= 1.0.3 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in torsteino PostMash postmash-custom allows SQL Injection.This issue affects PostMash: from n/a through <= 1.0.3.