0.0
CVE-2025-48123 - WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light plugin <= 2.4.37 - Reβ¦
Improper Control of Generation of Code ('Code Injection') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Code Injection.This issue affects Spreadsheet Price Changer for Woβ¦
0.0
CVE-2025-48124 - WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light plugin <= 2.4.37 - Arβ¦
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Path Traversal.This issue affects Spreadsheetβ¦
0.0
CVE-2025-48125 - WordPress WP Event Manager plugin <= 3.1.51 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Event Manager WP Event Manager wp-event-manager allows PHP Local File Inclusion.This issue affects WP Event Manager: from n/a through <= 3.1.51.
9.8
CVE-2025-48126 - WordPress Essential Real Estate plugin <= 5.2.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essential-real-estate allows PHP Local File Inclusion.This issue affects Essential Real Estate: from n/a through <= 5.2.9.
0.0
CVE-2025-48129 - WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light plugin <= 2.4.37 - Prβ¦
Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce β Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Privilege Escalation.This issue affects Spreadsheet Price Changer for WooCommerce and WP E-coβ¦
0.0
CVE-2025-48130 - WordPress Spice Blocks plugin <= 2.0.7.4 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spicethemes Spice Blocks spice-blocks allows Path Traversal.This issue affects Spice Blocks: from n/a through <= 2.0.7.4.
0.0
CVE-2025-48139 - WordPress StyleAI plugin <= 1.0.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in relentlo StyleAI relentlosoftware allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects StyleAI: from n/a through <= 1.0.4.
0.0
CVE-2025-48140 - WordPress MetalpriceAPI plugin <= 1.1.4 - Remote Code Execution (RCE) Vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in metalpriceapi MetalpriceAPI metalpriceapi allows Code Injection.This issue affects MetalpriceAPI: from n/a through <= 1.1.4.
0.0
CVE-2025-48141 - WordPress Multi CryptoCurrency Payments plugin <= 2.0.7 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alex Zaytseff Multi CryptoCurrency Payments multi-crypto-currency-payment allows SQL Injection.This issue affects Multi CryptoCurrency Payments: from n/a through <= 2.0.7.
0.0
CVE-2025-48143 - WordPress Formulario de contacto SalesUp! plugin <= 1.0.14 - Reflected Cross Site Scripting (XSS) vβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in salesup2019 Formulario de contacto SalesUp! formularios-de-contacto-salesup allows Reflected XSS.This issue affects Formulario de contacto SalesUp!: from n/a through <= 1.0.14.