6.5
CVE-2025-47511 - WordPress Welcart e-Commerce plugin <= 2.11.13 - Arbitrary File Deletion Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Path Traversal.This issue affects Welcart e-Commerce: from n/a through <= 2.11.13.
0.0
CVE-2025-47527 - WordPress Icegram Collect β Easy Form, Lead Collection and Subscription plugin <= 1.3.18 - Broken Aβ¦
Missing Authorization vulnerability in Icegram Icegram Collect icegram-rainmaker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram Collect: from n/a through <= 1.3.18.
0.0
CVE-2025-47561 - WordPress MapSVG plugin < 8.6.13 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG mapsvg allows Privilege Escalation.This issue affects MapSVG: from n/a through < 8.6.13.
0.0
CVE-2025-47598 - WordPress History Log by click5 plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in click5 History Log by click5 history-log-by-click5 allows Stored XSS.This issue affects History Log by click5: from n/a through <= 1.0.13.
0.0
CVE-2025-47608 - WordPress Recover abandoned cart for WooCommerce plugin <= 2.5 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows SQL Injection.This issue affects Recover abandoned cart for WooCommerce: from n/a through <= 2.5.
0.0
CVE-2025-47651 - WordPress Infility Global plugin <= 2.15.06 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global infility-global allows SQL Injection.This issue affects Infility Global: from n/a through <= 2.15.06.
0.0
CVE-2025-48122 - WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light plugin <= 2.4.37 - SQβ¦
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows SQL Injection.This issue affects Spreadβ¦
0.0
CVE-2025-48123 - WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light plugin <= 2.4.37 - Reβ¦
Improper Control of Generation of Code ('Code Injection') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Code Injection.This issue affects Spreadsheet Price Changer for Woβ¦
0.0
CVE-2025-48124 - WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light plugin <= 2.4.37 - Arβ¦
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Path Traversal.This issue affects Spreadsheetβ¦
0.0
CVE-2025-48125 - WordPress WP Event Manager plugin <= 3.1.51 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Event Manager WP Event Manager wp-event-manager allows PHP Local File Inclusion.This issue affects WP Event Manager: from n/a through <= 3.1.51.