6.5
CVE-2025-32189 - WordPress BWD Elementor Addons plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer BWD Elementor Addons bwd-elementor-addons allows DOM-Based XSS.This issue affects BWD Elementor Addons: from n/a through <= 4.4.2.
6.5
CVE-2025-32188 - WordPress Advanced Woo Labels plugin <= 2.15 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Stored XSS.This issue affects Advanced Woo Labels: from n/a through <= 2.15.
6.5
CVE-2025-32187 - WordPress Administrator Z plugin <= 2026.04.05 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuΓ½ LΓͺ 91 Administrator Z administrator-z allows DOM-Based XSS.This issue affects Administrator Z: from n/a through <= 2026.04.05.
6.5
CVE-2025-32186 - WordPress Turbo Addons for Elementor plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Turbo Addons Turbo Addons Elementor turbo-addons-elementor allows DOM-Based XSS.This issue affects Turbo Addons Elementor: from n/a through <= 1.7.7.
6.5
CVE-2025-32185 - WordPress Colibri Page Builder plugin <= 1.0.329 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Extend Themes Colibri Page Builder colibri-page-builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through <= 1.0.329.
6.5
CVE-2025-32184 - WordPress Ultimate Store Kit Elementor Addons plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through <= 2.5.0.
6.5
CVE-2025-32183 - WordPress Video Playlist For YouTube plugin <= 6.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through <= 6.8.
6.5
CVE-2025-32182 - WordPress Spider Elements β Addons for Elementor plugin <= 1.6.5 - Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spider Themes Spider Elements spider-elements allows Stored XSS.This issue affects Spider Elements: from n/a through <= 1.6.5.
6.5
CVE-2025-32181 - WordPress Search, Filters & Merchandising for WooCommerce plugin <= 3.0.58 - Stored Cross Site Scriβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fast Simon Search, Filters & Merchandising for WooCommerce instantsearch-for-woocommerce allows Stored XSS.This issue affects Search, Filters & Merchandising for WooCommerce: from n/a through <= 3.β¦
6.5
CVE-2025-32179 - WordPress Maps for WP Plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Maps for WP maps-for-wp allows Stored XSS.This issue affects Maps for WP: from n/a through <= 1.2.4.