0.0
CVE-2025-64191 - WordPress XStore theme < 9.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through < 9.6.1.
0.0
CVE-2025-64189 - WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through < 5.6.
0.0
CVE-2025-64188 - WordPress Soledad theme <= 8.6.9 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through <= 8.6.9.
0.0
CVE-2025-6326 - WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through <= 1.18.0.
0.0
CVE-2025-6324 - WordPress Easy Invoice plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through <= 2.0.9.
0.0
CVE-2025-63039 - WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through <= 2.9.9.
0.0
CVE-2025-60182 - WordPress Support Board plugin < 3.8.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through < 3.8.7.
0.0
CVE-2025-60180 - WordPress WP Gravity Forms Salesforce plugin <= 1.5.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through <= 1.5.1.
0.0
CVE-2025-60178 - WordPress WP Gravity Forms HubSpot plugin <= 1.2.6 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through <= 1.2.6.
0.0
CVE-2025-60174 - WordPress WP Gravity Forms Constant Contact Plugin plugin <= 1.1.2 - Deserialization of untrusted dโฆ
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through <= 1.1.2.