7.5
CVE-2025-23774 - WordPress WPDB to Sql plugin <= 1.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Niket Joshi WPDB to Sql wpdb-to-sql allows Retrieve Embedded Sensitive Data.This issue affects WPDB to Sql: from n/a through <= 1.2.
7.1
CVE-2025-23770 - WordPress Fast Tube plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caspie Fast Tube fast-tube allows Reflected XSS.This issue affects Fast Tube: from n/a through <= 2.3.1.
7.1
CVE-2025-23769 - WordPress Content Mirror plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dreamsofmatter Content Mirror content-mirror allows Reflected XSS.This issue affects Content Mirror: from n/a through <= 1.2.
7.1
CVE-2025-23758 - WordPress pootle button plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pootlepress Pootle button pootle-button allows Reflected XSS.This issue affects Pootle button: from n/a through <= 1.2.0.
7.1
CVE-2025-23732 - WordPress Easy Filtering plugin <= 2.5.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in franciscopalacios Easy Filtering easy-filtering allows Reflected XSS.This issue affects Easy Filtering: from n/a through <= 2.5.0.
7.1
CVE-2025-23706 - WordPress Jet Skinner for BuddyPress plugin <= 1.2.5 - Reflected Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in milordk Jet Skinner for BuddyPress jet-skinner-for-buddypress allows Reflected XSS.This issue affects Jet Skinner for BuddyPress: from n/a through <= 1.2.5.
7.1
CVE-2025-23701 - WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in limesquare Lime Developer Login lime-developer-login allows Reflected XSS.This issue affects Lime Developer Login: from n/a through <= 1.4.0.
7.1
CVE-2025-23700 - WordPress yCyclista plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yonisink yCyclista ycyclista allows Reflected XSS.This issue affects yCyclista: from n/a through <= 1.2.3.
7.1
CVE-2025-23697 - WordPress PodΔlΓ‘nkovΓ‘ inzerce plugin <= 2.4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webdeal PodΔlΓ‘nkovΓ‘ inzerce podclankova-inzerce allows Reflected XSS.This issue affects PodΔlΓ‘nkovΓ‘ inzerce: from n/a through <= 2.4.0.
7.1
CVE-2025-23696 - WordPress Staging CDN plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronan Mockett Staging CDN staging-cdn allows Reflected XSS.This issue affects Staging CDN: from n/a through <= 1.0.0.