7.1
CVE-2025-23879 - WordPress Easy Automatic Newsletter Lite Plugin <= 3.2.0 - Reflected Cross Site Scripting (XSS) vulβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PillarDev Easy Automatic Newsletter Lite easy-automatic-newsletter allows Reflected XSS.This issue affects Easy Automatic Newsletter Lite: from n/a through <= 3.2.0.
7.1
CVE-2025-23852 - WordPress First Comment Redirect plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robin90 First Comment Redirect first-comment-redirect allows Reflected XSS.This issue affects First Comment Redirect: from n/a through <= 1.0.3.
7.1
CVE-2025-23850 - WordPress Mojo Under Construction Plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojowill Mojo Under Construction mojo-under-construction allows Reflected XSS.This issue affects Mojo Under Construction: from n/a through <= 1.1.2.
7.1
CVE-2025-23847 - WordPress Site Launcher Plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in saill Site Launcher site-launcher allows Reflected XSS.This issue affects Site Launcher: from n/a through <= 0.9.4.
7.1
CVE-2025-23843 - WordPress WP-HR Manager plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphrmanager WP-HR Manager: The Human Resources Plugin for WordPress wp-hr-manager allows Reflected XSS.This issue affects WP-HR Manager: The Human Resources Plugin for WordPress: from n/a through <β¦
6.5
CVE-2025-23829 - WordPress Woo Update Variations In Cart plugin <= 0.0.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codingkart Woo Update Variations In Cart woo-update-variations-in-cart allows Stored XSS.This issue affects Woo Update Variations In Cart: from n/a through <= 0.0.9.
7.1
CVE-2025-23814 - WordPress CRUDLab Like Box Plugin <= 2.0.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRUDLab CRUDLab Like Box crudlab-facebook-like-box allows Reflected XSS.This issue affects CRUDLab Like Box: from n/a through <= 2.0.9.
7.1
CVE-2025-23813 - WordPress Guten Free Options Plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tony Hayes Guten Free Options guten-free-options allows Reflected XSS.This issue affects Guten Free Options: from n/a through <= 0.9.7.
6.5
CVE-2025-23763 - WordPress WAH Forms plugin <= 1.0 - Sensitive Data Exposure vulnerability
Missing Authorization vulnerability in Alex Volkov WAH Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WAH Forms: from n/a through 1.0.
7.1
CVE-2025-23762 - WordPress DsgnWrks Twitter Importer plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Sternberg DsgnWrks Twitter Importer dsgnwrks-twitter-importer allows Reflected XSS.This issue affects DsgnWrks Twitter Importer: from n/a through <= 1.1.4.