0.0
CVE-2025-48250 - WordPress Coupons & Add to Cart by URL Links for WooCommerce plugin <= 1.7.7 - Cross Site Scriptingβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Coupons & Add to Cart by URL Links for WooCommerce url-coupons-for-woocommerce-by-algoritmika allows Stored XSS.This issue affects Coupons & Add to Cart by URL Links for WooCommerβ¦
0.0
CVE-2025-48249 - WordPress EAN for WooCommerce plugin <= 5.4.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through <= 5.4.6.
0.0
CVE-2025-48248 - WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Crossβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discouβ¦
0.0
CVE-2025-48247 - WordPress Shortlinks by Pretty Links plugin <= 3.6.15 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Blair Williams Shortlinks by Pretty Links pretty-link allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortlinks by Pretty Links: from n/a through <= 3.6.15.
0.0
CVE-2025-48246 - WordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through <= 6.11.2.1.
0.0
CVE-2025-48244 - WordPress Exclusive Addons Elementor plugin <= 2.7.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor exclusive-addons-for-elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through <= 2.7.9.
0.0
CVE-2025-48243 - WordPress reCAPTCHA for all plugin <= 2.26 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.26.
0.0
CVE-2025-48242 - WordPress Legal Pages plugin <= 1.4.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Legal Pages: from n/a through <= 1.4.5.
0.0
CVE-2025-48240 - WordPress Cost of Goods for WooCommerce plugin <= 3.7.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Cost of Goods for WooCommerce cost-of-goods-for-woocommerce allows Stored XSS.This issue affects Cost of Goods for WooCommerce: from n/a through <= 3.7.0.
0.0
CVE-2025-48239 - WordPress Product Notes Tab & Private Admin Notes for WooCommerce plugin <= 3.1.0 - Cross Site Scriβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce product-notes-for-woocommerce allows Stored XSS.This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/β¦