0.0
CVE-2025-25125 - WordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through <= 3.1.
0.0
CVE-2025-25116 - WordPress Link to URL / Post plugin <=1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sudipto Link to URL / Post link-to-url-post allows Blind SQL Injection.This issue affects Link to URL / Post: from n/a through <= 1.3.
0.0
CVE-2025-25117 - WordPress Smart Countdown FX plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Polonski Smart Countdown FX smart-countdown-fx allows Stored XSS.This issue affects Smart Countdown FX: from n/a through <= 1.5.5.
0.0
CVE-2025-25120 - WordPress Slide Banners plugin <= 1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Melodic Media Slide Banners slide-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slide Banners: from n/a through <= 1.3.
0.0
CVE-2025-25103 - WordPress Indeed API Plugin <= 0.5 - CSRF to Settings Change vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API indeed-api allows Cross Site Request Forgery.This issue affects Indeed API: from n/a through <= 0.5.
0.0
CVE-2025-25105 - WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in coffeestudios Pop Up popup-seo-optimized allows Stored XSS.This issue affects Pop Up: from n/a through <= 0.1.
0.0
CVE-2025-25101 - WordPress Munk Sites plugin <= 1.0.7 - CSRF to Arbitrary Plugin Installation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in MetricThemes Munk Sites munk-sites allows Cross Site Request Forgery.This issue affects Munk Sites: from n/a through <= 1.0.7.
0.0
CVE-2025-25107 - WordPress OneStore Sites plugin <= 0.1.1 - CSRF to Arbitrary Plugin Installation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in sainwp OneStore Sites onestore-sites allows Cross Site Request Forgery.This issue affects OneStore Sites: from n/a through <= 0.1.1.
0.0
CVE-2025-25106 - WordPress Starter Templates by FancyWP plugin <= 2.0.0 - CSRF to Arbitrary Plugin Installation vulnโฆ
Cross-Site Request Forgery (CSRF) vulnerability in FancyWP Starter Templates by FancyWP starter-templates allows Cross Site Request Forgery.This issue affects Starter Templates by FancyWP: from n/a through <= 2.0.0.
0.0
CVE-2025-25097 - WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through <= 2.1.1.