0.0
CVE-2025-0989 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-12315. Reason: This candidate is a reservation duplicate of CVE-2024-12315. Notes: All CVE users should reference CVE-2024-12315 instead of this candidate. All references and descriptions in this candidate have been removed to prevβ¦
8.8
CVE-2025-24661 - WordPress Taxi Booking Manager for WooCommerce plugin <= 1.1.8 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce ecab-taxi-booking-manager allows Object Injection.This issue affects Taxi Booking Manager for WooCommerce: from n/a through <= 1.1.8.
7.1
CVE-2025-23984 - WordPress Dynamic URL SEO plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through <= 1.0.
7.1
CVE-2025-22775 - WordPress Catalog Importer, Scraper & Crawler Plugin <= 5.1.3 - Reflected Cross Site Scripting (XSSβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in idiatech Catalog Importer, Scraper & Crawler intelligent-importer allows Reflected XSS.This issue affects Catalog Importer, Scraper & Crawler: from n/a through <= 5.1.3.
7.1
CVE-2025-22704 - WordPress Signature plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abinav Thakuri WordPress Signature wordpress-signature allows Reflected XSS.This issue affects WordPress Signature: from n/a through <= 0.1.
7.1
CVE-2025-22703 - WordPress Forge β Front-End Page Builder plugin <= 1.4.6 - CSRF to Stored Cross Site Scripting (XSSβ¦
Cross-Site Request Forgery (CSRF) vulnerability in manuelvicedo Forge β Front-End Page Builder forge allows Stored XSS.This issue affects Forge β Front-End Page Builder: from n/a through <= 1.4.6.
5.4
CVE-2025-22701 - WordPress Traveler Layout Essential For Elementor plugin < 1.4 - Server Side Request Forgery (SSRF)β¦
Server-Side Request Forgery (SSRF) vulnerability in shinetheme Traveler Layout Essential For Elementor traveler-layout-essential-for-elementor.This issue affects Traveler Layout Essential For Elementor: from n/a through < 1.4.
4.3
CVE-2025-22695 - WordPress Nirweb support plugin <= 3.0.3 - Broken Access Control vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in NirWp Team Nirweb support nirweb-support.This issue affects Nirweb support: from n/a through <= 3.0.3.
4.3
CVE-2025-22694 - WordPress Hide Shipping Method For WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Dotstore Hide Shipping Method For WooCommerce hide-shipping-method-for-woocommerce.This issue affects Hide Shipping Method For WooCommerce: from n/a through <= 1.5.1.
7.6
CVE-2025-22693 - WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection.This issue affects Contest Gallery: from n/a through <= 25.1.0.