6.5
CVE-2025-46483 - WordPress Peadigโs Google +1 Button plugin <= 0.1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Moss Peadigโs Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadigโs Google +1 Button: from n/a through <= 0.1.2.
6.5
CVE-2025-46479 - WordPress BBCode Deluxe plugin <= 2020.08.01.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevynCJohnson BBCode Deluxe bbcode-deluxe allows DOM-Based XSS.This issue affects BBCode Deluxe: from n/a through <= 2020.08.01.2.
6.5
CVE-2025-46475 - WordPress Able Player plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Dolson Able Player ableplayer allows DOM-Based XSS.This issue affects Able Player: from n/a through <= 1.2.1.
6.5
CVE-2025-46471 - WordPress WP Custom Post Popup plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gnanavelshenll WP Custom Post Popup custom-post-popup allows DOM-Based XSS.This issue affects WP Custom Post Popup: from n/a through <= 1.0.1.
6.5
CVE-2025-46467 - WordPress RAphicon plugin <= 2.1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rahendra Putra Kโข RAphicon raphicon allows DOM-Based XSS.This issue affects RAphicon: from n/a through <= 2.1.2.
6.5
CVE-2025-46461 - WordPress RRSSB plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Relentless Apps RRSSB rrssb allows DOM-Based XSS.This issue affects RRSSB: from n/a through <= 1.0.1.
7.1
CVE-2025-46457 - WordPress Wp Custom CMS Block plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ahsanullah Akanda Wp Custom CMS Block wp-custom-cms-block allows Stored XSS.This issue affects Wp Custom CMS Block: from n/a through <= 2.1.
6.5
CVE-2025-46453 - WordPress Zoho Creator Forms <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreatorTeam Zoho Creator Forms allows Stored XSS. This issue affects Zoho Creator Forms: from n/a through 1.0.5.
7.1
CVE-2025-46449 - WordPress WoWHead Tooltips plugin <= 2.0.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Novium WoWHead Tooltips wowhead-tooltips allows Stored XSS.This issue affects WoWHead Tooltips: from n/a through <= 2.0.1.
6.5
CVE-2025-46445 - WordPress External Markdown plugin <= 0.0.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pReya External Markdown external-markdown allows Stored XSS.This issue affects External Markdown: from n/a through <= 0.0.1.