7.1
CVE-2025-23435 - WordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in marcucci Password Protect Plugin for WordPress password-protect-plugin-for-wordpress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through <= 0.8.1.0.
7.1
CVE-2025-23452 - WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EditionGuard EditionGuard for WooCommerce β eBook Sales with DRM editionguard-for-woocommerce-ebook-sales-with-drm allows Reflected XSS.This issue affects EditionGuard for WooCommerce β eBook Salesβ¦
7.1
CVE-2025-23438 - WordPress WP PT-Viewer plugin <= 2.0.2 - Reflected XSS vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Mimoun-Prat WP PT-Viewer wp-ptviewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through <= 2.0.2.
7.1
CVE-2025-23497 - WordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulneβ¦
Cross-Site Request Forgery (CSRF) vulnerability in albdesign Simple Project Manager simple-project-managment allows Stored XSS.This issue affects Simple Project Manager: from n/a through <= 1.2.2.
0.0
CVE-2025-23434 - WordPress Easy EU Cookie law plugin <= 1.3.3.1 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viher3 Easy EU Cookie law easy-eu-cookie-law allows Stored XSS.This issue affects Easy EU Cookie law: from n/a through <= 1.3.3.1.
7.1
CVE-2025-23471 - WordPress ECT Add to Cart Button plugin <= 1.4 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in etemplates ECT Add to Cart Button ect-add-to-cart-button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through <= 1.4.
0.0
CVE-2025-23444 - WordPress Scroll Top Advanced plugin <= 2.5 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nasir179125 Scroll Top Advanced scroll-top-advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through <= 2.5.
7.1
CVE-2025-23424 - WordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS)β¦
Cross-Site Request Forgery (CSRF) vulnerability in bnovotny Marquee Style RSS News Ticker marquee-style-rss-news-ticker allows Cross Site Request Forgery.This issue affects Marquee Style RSS News Ticker: from n/a through <= 3.2.0.
7.1
CVE-2025-23426 - WordPress go Social plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Binesh Dobhal go Social go-social allows Stored XSS.This issue affects go Social: from n/a through <= 1.0.
7.1
CVE-2025-23453 - WordPress Stars SMTP Mailer plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Myriad Solutionz Stars SMTP Mailer stars-smtp-mailer allows Reflected XSS.This issue affects Stars SMTP Mailer: from n/a through <= 1.7.