8.5
CVE-2025-22519 - WordPress eDoc Easy Tables Plugin <= 1.29 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through <= 1.29.
7.1
CVE-2025-22520 - WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through <= 1.1.
7.1
CVE-2025-22522 - WordPress SingSong plugin <= 1.2 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roya khosravi SingSong singsong allows Stored XSS.This issue affects SingSong: from n/a through <= 1.2.
6.5
CVE-2025-22524 - WordPress ΩΨ±Ω Ψ³Ψ§Ψ² ΩΨ±Ω Ψ§ΩΨ²Ψ§Ψ± Plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in formafzar ΩΨ±Ω Ψ³Ψ§Ψ² ΩΨ±Ω Ψ§ΩΨ²Ψ§Ψ± formafzar allows Stored XSS.This issue affects ΩΨ±Ω Ψ³Ψ§Ψ² ΩΨ±Ω Ψ§ΩΨ²Ψ§Ψ±: from n/a through <= 2.0.
6.5
CVE-2025-22525 - WordPress Donation Block For PayPal Plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bharat Kambariya Donation Block For PayPal donations-block allows Stored XSS.This issue affects Donation Block For PayPal: from n/a through <= 2.2.0.
6.5
CVE-2025-22528 - WordPress Huurkalender WP Plugin <= 1.5.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Huurkalender.nl Huurkalender WP huurkalender-wp allows Stored XSS.This issue affects Huurkalender WP: from n/a through <= 1.5.6.
6.5
CVE-2025-22529 - WordPress WE Blocks <= 1.3.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordpresteem WE Blocks we-blocks allows Stored XSS.This issue affects WE Blocks: from n/a through <= 1.3.5.
6.5
CVE-2025-22530 - WordPress μμν¬νΈ κ²°μ λ²νΌ μμ± νλ¬κ·ΈμΈ plugin <= 1.1.19 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PORTONE μμν¬νΈ κ²°μ λ²νΌ μμ± νλ¬κ·ΈμΈ iamport-payment allows Stored XSS.This issue affects μμν¬νΈ κ²°μ λ²νΌ μμ± νλ¬κ·ΈμΈ: from n/a through <= 1.1.19.
6.5
CVE-2025-22531 - WordPress Urdu Formatter β Shamil plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M Bilal M Urdu Formatter β Shamil urdu-formatter-shamil allows Stored XSS.This issue affects Urdu Formatter β Shamil: from n/a through <= 0.1.
6.5
CVE-2025-22532 - WordPress Simple Photo Sphere plugin <= 0.0.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in snagysandor Simple Photo Sphere simple-photo-sphere allows Stored XSS.This issue affects Simple Photo Sphere: from n/a through <= 0.0.10.