0.0
CVE-2025-30614 - WordPress Google Font Fix plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haozhe Xie Google Font Fix google-font-fix allows Reflected XSS.This issue affects Google Font Fix: from n/a through <= 2.3.1.
0.0
CVE-2025-30613 - WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through <= 5.4.
0.0
CVE-2025-30607 - WordPress Quick Localization plugin <= 0.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Name.ly Quick Localization quick-localization allows Reflected XSS.This issue affects Quick Localization: from n/a through <= 0.1.0.
0.0
CVE-2025-30594 - WordPress Include URL plugin <= 0.3.5 Arbitrary File Download Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in samsk Include URL include-url allows Path Traversal.This issue affects Include URL: from n/a through <= 0.3.5.
0.0
CVE-2025-30589 - WordPress Flickr set slideshows plugin <= 0.9 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dourou Flickr set slideshows flickr-set-slideshows allows SQL Injection.This issue affects Flickr set slideshows: from n/a through <= 0.9.
0.0
CVE-2025-30579 - WordPress Pesapal Gateway for Woocommerce plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vuโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jakeii Pesapal Gateway for Woocommerce pesapal-for-woocommerce allows Reflected XSS.This issue affects Pesapal Gateway for Woocommerce: from n/a through <= 2.1.0.
0.0
CVE-2025-30563 - WordPress Tidekey plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in makong Tidekey tidekey allows Reflected XSS.This issue affects Tidekey: from n/a through <= 1.1.
0.0
CVE-2025-30559 - WordPress Kento WordPress Stats plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through <= 1.1.
0.0
CVE-2025-30548 - WordPress Advanced Post Search plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VarDump s.r.l. Advanced Post Search advanced-post-search allows Reflected XSS.This issue affects Advanced Post Search: from n/a through <= 1.1.0.
0.0
CVE-2025-30547 - WordPress WP Cards plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Tufts WP Cards wp-cards allows Reflected XSS.This issue affects WP Cards: from n/a through <= 1.5.1.