7.1
CVE-2025-23709 - WordPress Formatted post plugin <= 1.01 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kiroro Formatted post formatted-post allows Reflected XSS.This issue affects Formatted post: from n/a through <= 1.01.
7.1
CVE-2025-23643 - WordPress ReadMe Creator plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in a.ankit ReadMe Creator readme-creator allows Reflected XSS.This issue affects ReadMe Creator: from n/a through <= 1.0.
7.1
CVE-2025-23506 - WordPress WP IMAP Auth plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imsoftware WP IMAP Auth wp-imap-authentication allows Reflected XSS.This issue affects WP IMAP Auth: from n/a through <= 4.0.1.
6.5
CVE-2025-23486 - WordPress Database Sync plugin <= 0.5.1 - Sensitive Data Exposure vulnerability
Missing Authorization vulnerability in tamlyn Database Sync database-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Database Sync: from n/a through <= 0.5.1.
7.1
CVE-2025-23475 - WordPress History timeline plugin <= 0.7.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fireantology History timeline history-timeline allows Reflected XSS.This issue affects History timeline: from n/a through <= 0.7.2.
7.1
CVE-2025-23462 - WordPress FWD Slider plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anil Jailta FWD Slider fwd-slider allows Reflected XSS.This issue affects FWD Slider: from n/a through <= 1.0.
7.1
CVE-2025-23449 - WordPress Simple shortcode buttons plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in davidpuc Simple shortcode buttons simple-shortcode-buttons allows Reflected XSS.This issue affects Simple shortcode buttons: from n/a through <= 1.3.2.
7.1
CVE-2025-22772 - WordPress Mapbox for WP Advanced Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stephanemartinw Mapbox for WP Advanced mapbox-for-wp-advanced allows Reflected XSS.This issue affects Mapbox for WP Advanced: from n/a through <= 1.0.0.
7.1
CVE-2025-23966 - WordPress a Gateway for Pasargad Bank on WooCommerce Plugin <= 2.5.2 - Cross Site Scripting (XSS) vβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ala Falaki a Gateway for Pasargad Bank on WooCommerce a-gateway-for-pasargad-bank-on-woocommerce allows Reflected XSS.This issue affects a Gateway for Pasargad Bank on WooCommerce: from n/a throughβ¦
7.1
CVE-2025-23959 - WordPress Good Old Gallery Plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linus Lundahl Good Old Gallery good-old-gallery allows Reflected XSS.This issue affects Good Old Gallery: from n/a through <= 2.1.2.