6.5
CVE-2025-32196 - WordPress News Kit Elementor Addons plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through <= 1.4.2.
6.5
CVE-2025-32195 - WordPress Ecwid Shopping Cart plugin <= 7.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Stored XSS.This issue affects Ecwid Shopping Cart: from n/a through <= 7.0.
6.5
CVE-2025-32194 - WordPress LA-Studio Element Kit for Elementor plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through <= 1.5.1.
6.5
CVE-2025-32193 - WordPress Simple WP Events plugin <= 1.8.17 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMinds Simple WP Events simple-wp-events allows Stored XSS.This issue affects Simple WP Events: from n/a through <= 1.8.17.
6.5
CVE-2025-32192 - WordPress Ultra Addons Lite for Elementor plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UltraPress Ultra Addons Lite for Elementor ut-elementor-addons-lite allows Stored XSS.This issue affects Ultra Addons Lite for Elementor: from n/a through <= 1.1.8.
6.5
CVE-2025-32191 - WordPress News Element Elementor Blog Magazine plugin <= 1.0.9 - Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon News Element Elementor Blog Magazine news-element allows DOM-Based XSS.This issue affects News Element Elementor Blog Magazine: from n/a through <= 1.0.9.
6.5
CVE-2025-32190 - WordPress Musician's Pack For Elementor plugin <= 1.8.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartwpress Musician's Pack For Elementor music-pack-for-elementor allows DOM-Based XSS.This issue affects Musician's Pack For Elementor: from n/a through <= 1.8.7.
6.5
CVE-2025-32189 - WordPress BWD Elementor Addons plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer BWD Elementor Addons bwd-elementor-addons allows DOM-Based XSS.This issue affects BWD Elementor Addons: from n/a through <= 4.4.2.
6.5
CVE-2025-32188 - WordPress Advanced Woo Labels plugin <= 2.15 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Stored XSS.This issue affects Advanced Woo Labels: from n/a through <= 2.15.
6.5
CVE-2025-32187 - WordPress Administrator Z plugin <= 2026.04.05 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuΓ½ LΓͺ 91 Administrator Z administrator-z allows DOM-Based XSS.This issue affects Administrator Z: from n/a through <= 2026.04.05.