7.1
CVE-2025-32581 - WordPress WordPress Spam Blocker Plugin <= 2.0.5 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ankit Singla WordPress Spam Blocker cf7-manual-spam-blocker allows Stored XSS.This issue affects WordPress Spam Blocker: from n/a through <= 2.0.5.
7.1
CVE-2025-32584 - WordPress Chat2 plugin <= 4.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Chat2 Chat2 chat2 allows Cross Site Request Forgery.This issue affects Chat2: from n/a through <= 4.0.
7.1
CVE-2025-32591 - WordPress WP Abstracts Plugin <= 2.7.5 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Cross Site Request Forgery.This issue affects WP Abstracts: from n/a through <= 2.7.5.
7.1
CVE-2025-32597 - WordPress WordPress Events Calendar Plugin β connectDaily plugin <= 1.5.4 - CSRF to Cross-Site Scriβ¦
Cross-Site Request Forgery (CSRF) vulnerability in George Sexton WordPress Events Calendar Plugin β connectDaily connect-daily-web-calendar allows Cross-Site Scripting (XSS).This issue affects WordPress Events Calendar Plugin β connectDaily: from n/a through <= 1.5.4.
7.1
CVE-2025-32610 - WordPress Foliopress WYSIWYG plugin <= 2.6.18 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision Foliopress WYSIWYG foliopress-wysiwyg allows Cross Site Request Forgery.This issue affects Foliopress WYSIWYG: from n/a through <= 2.6.18.
7.1
CVE-2025-32612 - WordPress User Session Synchronizer plugin <= 1.4.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in rafasashi User Session Synchronizer user-session-synchronizer allows Stored XSS.This issue affects User Session Synchronizer: from n/a through <= 1.4.0.
7.1
CVE-2025-32616 - WordPress Nimbata Call Tracking plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in nimbata Nimbata Call Tracking nimbata-call-tracking allows Stored XSS.This issue affects Nimbata Call Tracking: from n/a through <= 1.8.0.
7.1
CVE-2025-32617 - WordPress Multiple Location Google Map plugin <= 1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ydesignservices Multiple Location Google Map multiple-location-google-map allows Stored XSS.This issue affects Multiple Location Google Map: from n/a through <= 1.1.
7.1
CVE-2025-32619 - WordPress KeyCAPTCHA plugin <= 2.5.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in KeyCAPTCHA KeyCAPTCHA keycaptcha allows Stored XSS.This issue affects KeyCAPTCHA: from n/a through <= 2.5.1.
7.1
CVE-2025-32621 - WordPress WP Map Route Planner plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital WP Map Route Planner wp-map-route-planner allows Cross Site Request Forgery.This issue affects WP Map Route Planner: from n/a through <= 1.0.0.