6.5
CVE-2025-22308 - WordPress Smart Custom FIelds plugin <= 5.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Kitajima Smart Custom Fields smart-custom-fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through <= 5.0.0.
6.5
CVE-2025-22309 - WordPress SpeakOut! Email Petitions plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RopeSwingHld SpeakOut! Email Petitions speakout allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through <= 4.4.2.
6.5
CVE-2025-22310 - WordPress TemplatesNext ToolKit plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through <= 3.2.9.
6.5
CVE-2025-22312 - WordPress Thim Elementor Kit plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows DOM-Based XSS.This issue affects Thim Elementor Kit: from n/a through <= 1.2.9.
6.5
CVE-2025-22315 - WordPress Typing Text plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Typing Text typing-text allows Stored XSS.This issue affects Typing Text: from n/a through <= 1.2.7.
5.9
CVE-2025-22316 - WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.5.1.
7.1
CVE-2025-22320 - WordPress ProductDyno plugin <= 1.0.24 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProductDyno ProductDyno productdyno allows Reflected XSS.This issue affects ProductDyno: from n/a through <= 1.0.24.
6.5
CVE-2025-22321 - WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.9 - Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs ElementsCSS Addons for Elementor css-for-elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through <= 1.0.8.9.
6.5
CVE-2025-22323 - WordPress Image Hover Effects for Elementor plugin <= 1.0.2.4 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Image Hover Effects for Elementor image-hover-effects-elementor-addon allows Stored XSS.This issue affects Image Hover Effects for Elementor: from n/a through <= 1.0.2.4.
7.1
CVE-2025-22324 - WordPress OZ Canonical plugin <= 0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andon Ivanov OZ Canonical oz-canonical allows Reflected XSS.This issue affects OZ Canonical: from n/a through <= 0.5.