4.9
CVE-2025-46503 - WordPress Simple Google Photos Grid plugin <= 1.5 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in josheli Simple Google Photos Grid simple-google-photos-grid allows Server Side Request Forgery.This issue affects Simple Google Photos Grid: from n/a through <= 1.5.
5.3
CVE-2025-46489 - WordPress Bulk Assign Linked Products For WooCommerce plugin <= 2.1 - Broken Access Control Vulneraβ¦
Missing Authorization vulnerability in vinodvaswani9 Bulk Assign Linked Products For WooCommerce wc-bulk-assign-linked-products allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk Assign Linked Products For WooCommerce: from n/a through <= 2.1.
5.3
CVE-2025-46485 - WordPress WP Customize Login Page plugin <= 1.6.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through <= 1.6.5.
5.9
CVE-2025-46477 - WordPress WP Customize Login Page plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through <= 1.6.5.
5.9
CVE-2025-46469 - WordPress Send From plugin <= 2.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Buddle Send From send-from allows Stored XSS.This issue affects Send From: from n/a through <= 2.2.
5.9
CVE-2025-46459 - WordPress Confirm User Registration plugin <= 2.1.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ralf Hortt Confirm User Registration confirm-user-registration allows Stored XSS.This issue affects Confirm User Registration: from n/a through <= 2.1.5.
5.9
CVE-2025-46451 - WordPress Floating Social Bar plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Floating Social Bar floating-social-bar allows Stored XSS.This issue affects Floating Social Bar: from n/a through <= 1.1.7.
7.1
CVE-2025-46442 - WordPress Loan Calculator plugin <= 1.3 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator repayment-calculator allows Stored XSS.This issue affects Loan Calculator: from n/a through <= 1.3.
5.9
CVE-2025-46541 - WordPress WP-reCAPTCHA-bp plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elrata_ WP-reCAPTCHA-bp wp-recaptcha-bp allows Stored XSS.This issue affects WP-reCAPTCHA-bp: from n/a through <= 4.1.
5.9
CVE-2025-46533 - WordPress Landing pages and Domain aliases for WordPress plugin <= 0.8 - Cross Site Scripting (XSS)β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdrift.no Landing pages and Domain aliases for WordPress landing-pages-and-domain-aliases allows Stored XSS.This issue affects Landing pages and Domain aliases for WordPress: from n/a through <= 0β¦