6.5
CVE-2025-46240 - WordPress Simple Download Counter plugin <= 2.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Simple Download Counter simple-download-counter allows Stored XSS.This issue affects Simple Download Counter: from n/a through <= 2.2.
6.5
CVE-2025-46239 - WordPress Theme Switcha plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Theme Switcha theme-switcha allows Stored XSS.This issue affects Theme Switcha: from n/a through <= 3.4.
6.5
CVE-2025-46238 - WordPress List Last Changes plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rbaer List Last Changes list-last-changes allows Stored XSS.This issue affects List Last Changes: from n/a through <= 1.2.1.
6.5
CVE-2025-46237 - WordPress Link Library plugin <= 7.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Stored XSS.This issue affects Link Library: from n/a through <= 7.8.
6.5
CVE-2025-46236 - WordPress HTML Forms plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a through <= 1.5.2.
6.5
CVE-2025-46235 - WordPress SKT Blocks โ Gutenberg based Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) Vulnโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 2.0.
6.5
CVE-2025-46233 - WordPress Sirv plugin <= 7.5.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sirv CDN and Image Hosting Sirv sirv allows Stored XSS.This issue affects Sirv: from n/a through <= 7.5.3.
4.3
CVE-2025-46232 - WordPress Download Alt Text AI plugin <= 1.9.93 - Broken Access Control Vulnerability
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through <= 1.9.93.
5.4
CVE-2025-46231 - WordPress affiliate-toolkit plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit affiliate-toolkit-starter allows Cross Site Request Forgery.This issue affects affiliate-toolkit: from n/a through <= 3.7.3.
5.9
CVE-2025-46229 - WordPress Textmetrics plugin <= 3.6.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Israpil Textmetrics webtexttool allows Stored XSS.This issue affects Textmetrics: from n/a through <= 3.6.2.