0.0
CVE-2025-52773 - WordPress HieCOR Payment Gateway plugin plugin <= 1.5.11 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hiecor HieCOR Payment Gateway Plugin hcv4-payment-gateway allows SQL Injection.This issue affects HieCOR Payment Gateway Plugin: from n/a through <= 1.5.11.
0.0
CVE-2025-52764 - WordPress flexoslider plugin <= 1.0004 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marielav flexoslider flexoslider allows Reflected XSS.This issue affects flexoslider: from n/a through <= 1.0004.
0.0
CVE-2025-49909 - WordPress Penci Bookmark & Follow plugin < 2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Bookmark & Follow penci-bookmark-follow allows Reflected XSS.This issue affects Penci Bookmark & Follow: from n/a through < 2.4.
0.0
CVE-2025-49905 - WordPress Range Slider Addon for Gravity Forms plugin <= 1.1.6 - Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through <= 1.1.6.
0.0
CVE-2025-49904 - WordPress Booking and Rental Manager plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Reflected XSS.This issue affects Booking and Rental Manager: from n/a through <= 2.5.3.
0.0
CVE-2025-49900 - WordPress Advanced scrollbar plugin <= 1.1.8 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in bPlugins Advanced scrollbar advanced-scrollbar allows Privilege Escalation.This issue affects Advanced scrollbar: from n/a through <= 1.1.8.
0.0
CVE-2025-49398 - WordPress Easy Appointments plugin <= 3.12.14 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through <= 3.12.14.
0.0
CVE-2025-49394 - WordPress Image Gallery block β Create and display photo gallery/photo album. plugin <= 1.0.7 - Broβ¦
Missing Authorization vulnerability in bPlugins Image Gallery block β Create and display photo gallery/photo album. 3d-image-gallery allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Image Gallery block β Create and display photo gallery/photo album.: from n/a throuβ¦
0.0
CVE-2025-49393 - WordPress Sign-up Sheets Plugin <= 2.3.2 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Object Injection.This issue affects Sign-up Sheets: from n/a through <= 2.3.2.
0.0
CVE-2025-49390 - WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in christophrado Cookie Notice & Consent cookie-notice-consent allows Stored XSS.This issue affects Cookie Notice & Consent: from n/a through <= 1.6.4.