0.0
CVE-2025-48262 - WordPress Url Rewrite Analyzer plugin <= 1.3.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in M.Code Url Rewrite Analyzer url-rewrite-analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Url Rewrite Analyzer: from n/a through <= 1.3.3.
0.0
CVE-2025-48260 - WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through <= 2.7.3.
0.0
CVE-2025-48259 - WordPress WP Mapa Politico EspaΓ±a plugin <= 3.8.0 - Cross Site Request Forgery (CSRF) to Settings Cβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico EspaΓ±a wp-mapa-politico-spain allows Cross Site Request Forgery.This issue affects WP Mapa Politico EspaΓ±a: from n/a through <= 3.8.0.
0.0
CVE-2025-48258 - WordPress Mega Menu Block plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jetmonsters Mega Menu Block getwid-megamenu allows Stored XSS.This issue affects Mega Menu Block: from n/a through <= 1.0.6.
0.0
CVE-2025-48257 - WordPress Projectopia plugin <= 5.1.17 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Projectopia Projectopia projectopia-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Projectopia: from n/a through <= 5.1.17.
5.4
CVE-2025-48256 - WordPress Import Social Events plugin <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through <= 1.8.5.
8.8
CVE-2025-48255 - WordPress Broadcast Live Video β Live Streaming : WebRTC, HLS, RTSP, RTMP plugin <= 6.2.4 - Cross Sβ¦
Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Cross Site Request Forgery.This issue affects Broadcast Live Video: from n/a through <= 6.2.4.
5.4
CVE-2025-48254 - WordPress Change Add to Cart Button Text for WooCommerce plugin <= 2.2.2 - Cross Site Scripting (XSβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a throβ¦
5.4
CVE-2025-48253 - WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.6 - Cross β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce amount-left-free-shipping-woocommerce allows Stored XSS.This issue affects Free Shipping Bar: Amount Left for Free Shippinβ¦
5.4
CVE-2025-48252 - WordPress Back Button Widget plugin <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through <= 1.6.8.