5.9
CVE-2025-46529 - WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through <= 2.7.0.
5.9
CVE-2025-46525 - WordPress WP Cookie Consent plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in msmitley WP Cookie Consent wp-cookie-consent allows Stored XSS.This issue affects WP Cookie Consent: from n/a through <= 1.0.
5.9
CVE-2025-46521 - WordPress WS Force Login Page plugin <= 3.0.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Silver Muru WS Force Login Page ws-force-login-page allows Stored XSS.This issue affects WS Force Login Page: from n/a through <= 3.0.3.
5.9
CVE-2025-46517 - WordPress Blog Manager WP plugin <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Blog Manager WP blog-manager-wp allows Stored XSS.This issue affects Blog Manager WP: from n/a through <= 1.0.5.
4.3
CVE-2025-46513 - WordPress All in One Time Clock Lite plugin < 1.3.326 - Cross Site Request Forgery (CSRF) Vulnerabiβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Codebangers All in One Time Clock Lite aio-time-clock-lite allows Cross Site Request Forgery.This issue affects All in One Time Clock Lite: from n/a through < 1.3.326.
6.5
CVE-2025-46509 - WordPress 360 View plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrey Mikhalchuk 360 View 360-view allows Stored XSS.This issue affects 360 View: from n/a through <= 1.1.0.
6.5
CVE-2025-46505 - WordPress Peekaboo plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in farinspace Peekaboo peekaboo allows Stored XSS.This issue affects Peekaboo: from n/a through <= 1.1.
6.5
CVE-2025-46501 - WordPress Mixcloud Embed plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biancardi Mixcloud Embed mixcloud-embed allows Stored XSS.This issue affects Mixcloud Embed: from n/a through <= 2.2.0.
6.5
CVE-2025-46496 - WordPress Mini twitter feed plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oniswap Mini twitter feed mini-twitter-feed allows Stored XSS.This issue affects Mini twitter feed: from n/a through <= 3.0.
6.5
CVE-2025-46491 - WordPress Multi-Column Taxonomy List plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew Muro Multi-Column Taxonomy List multi-column-taxonomy-list allows Stored XSS.This issue affects Multi-Column Taxonomy List: from n/a through <= 1.5.