0.0
CVE-2025-39527 - WordPress Rating by BestWebSoft plugin <= 1.7 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in bestweblayout Rating by BestWebSoft rating-bws allows Object Injection.This issue affects Rating by BestWebSoft: from n/a through <= 1.7.
0.0
CVE-2025-39532 - WordPress Spice Blocks plugin <= 2.0.7.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in spicethemes Spice Blocks spice-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spice Blocks: from n/a through <= 2.0.7.7.
0.0
CVE-2025-39533 - WordPress Starfish Review Generation & Marketing plugin <= 3.1.19 - Privilege Escalation vulnerabilβ¦
Missing Authorization vulnerability in Starfish Reviews Starfish Review Generation & Marketing starfish-reviews allows Privilege Escalation.This issue affects Starfish Review Generation & Marketing: from n/a through <= 3.1.19.
0.0
CVE-2025-39535 - WordPress Vitepos plugin <= 3.1.7 - Broken Authentication Vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through <= 3.1.7.
0.0
CVE-2025-39542 - WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through <= 9.1.0.
0.0
CVE-2025-39550 - WordPress FluentCommunity plugin <= 1.2.15 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity fluent-community allows Object Injection.This issue affects FluentCommunity: from n/a through <= 1.2.15.
0.0
CVE-2025-39551 - WordPress FluentBoards plugin <= 1.47 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Object Injection.This issue affects FluentBoards: from n/a through <= 1.47.
0.0
CVE-2025-39554 - WordPress AI Text to Speech plugin <= 3.0.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech ai-text-to-speech allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Text to Speech: from n/a through <= 3.0.3.
0.0
CVE-2025-39558 - WordPress CRM Perks plugin <= 1.1.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks support-x allows Reflected XSS.This issue affects CRM Perks: from n/a through <= 1.1.7.
0.0
CVE-2025-39559 - WordPress Bring Fraktguiden for WooCommerce plugin <= 1.11.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Eivin Landa Bring Fraktguiden for WooCommerce bring-fraktguiden-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bring Fraktguiden for WooCommerce: from n/a through <= 1.11.4.