5.1
CVE-2024-10929 - Spectre-BSE
In certain circumstances, an issue in Arm Cortex-A57,Β Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history.
7.5
CVE-2025-0638 - Routinator crashes when illegal characters are present in manifest file names
The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.
9.8
CVE-2025-23914 - WordPress Muzaara Google Ads Report Plugin <= 3.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in muzaara Muzaara Google Ads Report muzaara-adwords-optimize-dashboard allows Object Injection.This issue affects Muzaara Google Ads Report: from n/a through <= 3.1.
7.1
CVE-2025-23809 - WordPress Blue Wrench Video Widget Plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through <= 2.1.0.
5.9
CVE-2025-23992 - WordPress Toocheke Companion plugin <= 1.166 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows Stored XSS.This issue affects Toocheke Companion: from n/a through <= 1.166.
7.1
CVE-2025-23882 - WordPress WP Download Codes Plugin <= 2.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in misanthrop WP Download Codes wp-download-codes allows Reflected XSS.This issue affects WP Download Codes: from n/a through <= 2.5.4.
7.1
CVE-2025-23846 - WordPress Flexible Blogtitle Plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thaikolja Flexible Blogtitle flexible-blogtitle allows Reflected XSS.This issue affects Flexible Blogtitle: from n/a through <= 0.1.
7.1
CVE-2025-23812 - WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows Reflected XSS.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/β¦
7.1
CVE-2025-23768 - WordPress InFunding plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inwavethemes InFunding infunding allows Reflected XSS.This issue affects InFunding: from n/a through <= 1.0.
7.1
CVE-2025-23746 - WordPress CMC MIGRATE plugin <= 0.0.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through <= 0.0.3.