7.1
CVE-2025-23888 - WordPress Custom Page Extensions Plugin <= 0.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GrandSlambert Custom Page Extensions custom-page-extensions allows Reflected XSS.This issue affects Custom Page Extensions: from n/a through <= 0.6.
7.1
CVE-2025-23885 - WordPress MJ Contact us Plugin <= 5.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anildhiman MJ Contact us mj-contact-us allows Reflected XSS.This issue affects MJ Contact us: from n/a through <= 5.2.3.
7.1
CVE-2025-23839 - WordPress Sticky Button plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asif Shakeel Sticky Button sticky-chat-button allows Stored XSS.This issue affects Sticky Button: from n/a through <= 1.0.
7.1
CVE-2025-23838 - WordPress Bauernregeln Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rally Vincent Bauernregeln bauernregeln allows Reflected XSS.This issue affects Bauernregeln: from n/a through <= 1.0.1.
7.1
CVE-2025-23837 - WordPress One Backend Language Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in martinjuhasz One Backend Language one-backend-language allows Reflected XSS.This issue affects One Backend Language: from n/a through <= 1.0.
7.1
CVE-2025-23737 - WordPress Network-Favorites plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thobian Network-Favorites network-favorites allows Reflected XSS.This issue affects Network-Favorites: from n/a through <= 1.1.
7.1
CVE-2025-23734 - WordPress Gigaom Sphinx plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Casey Bisson Gigaom Sphinx go-sphinx allows Reflected XSS.This issue affects Gigaom Sphinx: from n/a through <= 0.1.
7.1
CVE-2025-23711 - WordPress Quote me plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quincy Kwende Quote me quote-me allows Reflected XSS.This issue affects Quote me: from n/a through <= 1.0.
7.1
CVE-2025-23622 - WordPress CBX Accounting & Bookkeeping plugin <= 1.3.14 - Reflected Cross Site Scripting (XSS) vulnโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Accounting & Bookkeeping cbxwpsimpleaccounting allows Reflected XSS.This issue affects CBX Accounting & Bookkeeping: from n/a through <= 1.3.14.
7.1
CVE-2025-23621 - WordPress Causes โ Donation plugin <= 1.0.01 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in algothemes Causes โ Donation Plugin causes allows Reflected XSS.This issue affects Causes โ Donation Plugin: from n/a through <= 1.0.01.