7.1
CVE-2025-23614 - WordPress WordPress Additional Logins plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in niksudan WordPress Additional Logins wp-additional-logins allows Reflected XSS.This issue affects WordPress Additional Logins: from n/a through <= 1.0.0.
7.1
CVE-2025-23599 - WordPress eMarksheet plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aarvansh Infotech eMarksheet emarksheet allows Reflected XSS.This issue affects eMarksheet: from n/a through <= 5.4.3.
7.1
CVE-2025-23594 - WordPress Google Map With Fancybox plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uzzal Mondal Google Map With Fancybox location-piker allows Reflected XSS.This issue affects Google Map With Fancybox: from n/a through <= 2.1.0.
7.1
CVE-2025-23593 - WordPress EmailPress plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kvvaradha EmailPress emailpress allows Reflected XSS.This issue affects EmailPress: from n/a through <= 1.0.
7.1
CVE-2025-23591 - WordPress blu Logistics plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blulogistics1 blu Logistics blu-logistics allows Reflected XSS.This issue affects blu Logistics: from n/a through <= 1.0.0.
7.1
CVE-2025-23590 - WordPress Dezdy plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dezdy.com Dezdy dezdy-mcommerce allows Reflected XSS.This issue affects Dezdy: from n/a through <= 1.0.
7.1
CVE-2025-23588 - WordPress WOW Best CSS Compiler plugin <= 2.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in baonguyenyam WOW Best CSS Compiler best-css-compiler allows Reflected XSS.This issue affects WOW Best CSS Compiler: from n/a through <= 2.0.2.
7.1
CVE-2025-23582 - WordPress Bulk Categories Assign plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haider Ali Bulk Categories Assign bulk-categories-assign allows Reflected XSS.This issue affects Bulk Categories Assign: from n/a through <= 1.0.
6.5
CVE-2025-23581 - WordPress Demo User DZS plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio Demo User DZS demo-user-dzs-showcase-your-admin-safely allows Stored XSS.This issue affects Demo User DZS: from n/a through <= 1.1.0.
6.5
CVE-2025-23561 - WordPress MLL Audio Player MP3 Ajax plugin <= 0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robertkay MLL Audio Player MP3 Ajax music-let-loose-mp3-audio-player allows Stored XSS.This issue affects MLL Audio Player MP3 Ajax: from n/a through <= 0.7.