0.0
CVE-2025-28884 - WordPress WP Bulk Post Duplicator plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Kumar WP Bulk Post Duplicator wp-bulk-post-duplicator allows Cross Site Request Forgery.This issue affects WP Bulk Post Duplicator: from n/a through <= 1.2.
0.0
CVE-2025-28883 - WordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare Tables wp-compare-tables allows Stored XSS.This issue affects WP Compare Tables: from n/a through <= 1.0.5.
0.0
CVE-2025-28881 - WordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in mg12 Mobile Themes wp-mobile-themes allows Cross Site Request Forgery.This issue affects Mobile Themes: from n/a through <= 1.1.1.
5.4
CVE-2025-28879 - WordPress Bee Layer Slider plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aumsrini Bee Layer Slider bee-layer-slider allows Stored XSS.This issue affects Bee Layer Slider: from n/a through <= 1.1.
4.8
CVE-2025-28878 - WordPress Awesome Surveys plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Will Brubaker Awesome Surveys awesome-surveys allows Stored XSS.This issue affects Awesome Surveys: from n/a through <= 2.0.10.
8.8
CVE-2025-28876 - WordPress Skrill Official plugin <= 1.0.66 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Skrill_Team Skrill Official official-skrill-woocommerce allows Cross Site Request Forgery.This issue affects Skrill Official: from n/a through <= 1.0.66.
4.8
CVE-2025-28875 - WordPress BP Email Assign Templates By shanebp plugin <= 1.6 - Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shanebp BP Email Assign Templates bp-email-assign-templates allows Stored XSS.This issue affects BP Email Assign Templates: from n/a through <= 1.6.
4.9
CVE-2025-28874 - WordPress BP Email Assign Templates By shanebp plugin <= 1.7 - Arbitrary Content Deletion vulnerabiβ¦
Authorization Bypass Through User-Controlled Key vulnerability in shanebp BP Email Assign Templates bp-email-assign-templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Email Assign Templates: from n/a through <= 1.7.
9.8
CVE-2025-28872 - WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Block Spam By Math Reloaded: from n/a through <= 2.2.4.
4.8
CVE-2025-28871 - WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Stored XSS.This issue affects Block Spam By Math Reloaded: from n/a through <= 2.2.4.