0.0
CVE-2025-23528 - WordPress DD Roles plugin <= 4.1 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Mosterd3d DD Roles dd-roles allows Privilege Escalation.This issue affects DD Roles: from n/a through <= 4.1.
8.8
CVE-2025-23532 - WordPress MyAnime Widget plugin <= 1.0 - CSRF to Privilege Escalation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget myanime-widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through <= 1.0.
7.1
CVE-2025-23558 - WordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in digitalfisherman Geotagged Media geotagged-media allows Stored XSS.This issue affects Geotagged Media: from n/a through <= 0.3.0.
7.1
CVE-2025-23537 - WordPress add custom google tag manager plugin <= 1.0.3 - CSRF to Stored Cross-Site Scripting vulneβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Χ§ΧΧΧΧ ΧΧΧ ΧΧΧͺ ΧΧͺΧ¨ΧΧ add custom google tag manager add-custom-google-tag-manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through <= 1.0.3.
7.1
CVE-2025-23510 - WordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Jan Ε tΔtina WordPress Logging Service wordpress-logging-service allows Stored XSS.This issue affects WordPress Logging Service: from n/a through <= 1.5.4.
7.1
CVE-2025-23511 - WordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Stargazer WP-BlackCheck wp-blackcheck allows Stored XSS.This issue affects WP-BlackCheck: from n/a through <= 2.7.2.
8.8
CVE-2025-23530 - WordPress Custom Post Type Lockdown plugin <= 1.11 - CSRF to Privilege Escalation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in yonisink Custom Post Type Lockdown custom-post-type-lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through <= 1.11.
7.1
CVE-2025-23533 - WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in zetxek WP Lyrics wplyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through <= 0.4.1.
5.3
CVE-2025-23514 - WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sanjay Prasad Loginplus loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through <= 1.2.
7.1
CVE-2025-23513 - WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in jd7777 Bible Embed bible-embed allows Stored XSS.This issue affects Bible Embed: from n/a through <= 0.0.4.