4.3
CVE-2025-49435 - WordPress Wp Easy Allopass plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Hasina77 Wp Easy Allopass wordpress-easy-allopass allows Cross Site Request Forgery.This issue affects Wp Easy Allopass: from n/a through <= 4.1.1.
4.3
CVE-2025-49439 - WordPress Atelier Create CV plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) to Settings Change β¦
Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV atelier-create-cv allows Cross Site Request Forgery.This issue affects Atelier Create CV: from n/a through <= 1.1.5.
4.3
CVE-2025-49440 - WordPress WP Security Master plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Vuong Nguyen WP Security Master wp-security-master allows Cross Site Request Forgery.This issue affects WP Security Master: from n/a through <= 1.0.2.
5.3
CVE-2025-49441 - WordPress Interactive Regional Map of Florida plugin <= 1.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida interactive-map-of-florida allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Regional Map of Florida: from n/a through <= 1.0.
6.5
CVE-2025-49442 - WordPress Simple Nested Menu plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mostafa Shahiri Simple Nested Menu simple-nested-menu allows Stored XSS.This issue affects Simple Nested Menu: from n/a through <= 1.0.
6.5
CVE-2025-49443 - WordPress Bacon Ipsum plugin <= 2.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris McCoy Bacon Ipsum bacon-ipsum allows Stored XSS.This issue affects Bacon Ipsum: from n/a through <= 2.4.
4.3
CVE-2025-49445 - WordPress Interactive UK Regional Map plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Settingsβ¦
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive UK Regional Map interactive-uk-regional-map allows Cross Site Request Forgery.This issue affects Interactive UK Regional Map: from n/a through <= 2.0.
4.3
CVE-2025-49446 - WordPress Admin Notes plugin <=1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through <= 1.1.
4.3
CVE-2025-49449 - WordPress Interactive Regional Map of Africa plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnβ¦
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive Regional Map of Africa interactive-map-of-africa allows Cross Site Request Forgery.This issue affects Interactive Regional Map of Africa: from n/a through <= 1.0.
6.5
CVE-2025-49450 - WordPress SEPA Girocode plugin <= 0.5.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mhallmann SEPA Girocode sepa-girocode allows Stored XSS.This issue affects SEPA Girocode: from n/a through <= 0.5.1.