0.0
CVE-2025-28889 - WordPress Custom Product Stickers for Woocommerce plugin <= 1.9.0 - Reflected Cross Site Scripting β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in starblank Custom Product Stickers for Woocommerce custom-product-stickers-for-woocommerce allows Reflected XSS.This issue affects Custom Product Stickers for Woocommerce: from n/a through <= 1.9.0.
0.0
CVE-2025-28885 - WordPress Fiverr.com Official Search Box plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fiverraffiliates Fiverr.com Official Search Box fiverr-official-search-box allows Stored XSS.This issue affects Fiverr.com Official Search Box: from n/a through <= 1.0.8.
0.0
CVE-2025-28882 - WordPress Omnify plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Omnify, Inc. Omnify omnify-widget allows Reflected XSS.This issue affects Omnify: from n/a through <= 2.0.3.
0.0
CVE-2025-28880 - WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through <= 1.7.4.
0.0
CVE-2025-28877 - WordPress Key4ce osTicket Bridge plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in m.tiggelaar Key4ce osTicket Bridge key4ce-osticket-bridge allows Reflected XSS.This issue affects Key4ce osTicket Bridge: from n/a through <= 1.4.0.
0.0
CVE-2025-28873 - WordPress Shuffle plugin <= 0.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Scott Taylor Shuffle shuffle allows Blind SQL Injection.This issue affects Shuffle: from n/a through <= 0.5.
0.0
CVE-2025-28869 - WordPress NextGEN Gallery Voting plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shauno NextGEN Gallery Voting nextgen-gallery-voting allows Reflected XSS.This issue affects NextGEN Gallery Voting: from n/a through <= 2.7.6.
0.0
CVE-2025-28865 - WordPress WP Colorful Tag Cloud plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lionelroux WP Colorful Tag Cloud wp-colorful-tag-cloud allows Reflected XSS.This issue affects WP Colorful Tag Cloud: from n/a through <= 2.0.1.
0.0
CVE-2025-28858 - WordPress Arrow Maps plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arrow Plugins Arrow Maps ap-google-maps allows Reflected XSS.This issue affects Arrow Maps: from n/a through <= 1.0.9.
0.0
CVE-2025-28855 - WordPress Teleport plugin <= 1.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in srcoley Teleport teleport allows Reflected XSS.This issue affects Teleport: from n/a through <= 1.2.4.