7.1
CVE-2025-30577 - WordPress Browser Address Bar Color plugin <= 3.3 - Cross Site Request Forgery (CSRF) to Stored XSS…
Cross-Site Request Forgery (CSRF) vulnerability in mendibass Browser Address Bar Color browser-address-bar-color allows Stored XSS.This issue affects Browser Address Bar Color: from n/a through <= 3.3.
4.3
CVE-2025-30576 - WordPress Hacklog Remote Image Autosave plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) Vulnera…
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave hacklog-remote-image-autosave allows Cross Site Request Forgery.This issue affects Hacklog Remote Image Autosave: from n/a through <= 2.1.0.
5.9
CVE-2025-30575 - WordPress Login Redirect plugin <= - 1.0.5 Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arefly Login Redirect login-redirect allows Stored XSS.This issue affects Login Redirect: from n/a through <= 1.0.5.
5.9
CVE-2025-30574 - WordPress Mobile Navigation plugin <= - 1.5 Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jenst Mobile Navigation mobile-navigation allows Stored XSS.This issue affects Mobile Navigation: from n/a through <= 1.5.
5.9
CVE-2025-30573 - WordPress My Default Post Content plugin <= - 0.7.3 Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrdenny My Default Post Content my-default-post-content allows Stored XSS.This issue affects My Default Post Content: from n/a through <= 0.7.3.
7.1
CVE-2025-30572 - WordPress Simple Rating plugin <= 1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabili…
Cross-Site Request Forgery (CSRF) vulnerability in Igor Yavych Simple Rating simple-rating allows Stored XSS.This issue affects Simple Rating: from n/a through <= 1.4.
7.6
CVE-2025-30571 - WordPress STEdb Forms plugin <= 1.0.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb Forms: from n/a through <= 1.0.4.
7.6
CVE-2025-30570 - WordPress دکمه، شبکه اجتماعی خرید plugin <= 2.0.6 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AliRezaMohammadi دکمه، شبکه اجتماعی خرید dokme allows SQL Injection.This issue affects دکمه، شبکه اجتماعی خرید: from n/a through <= 2.0.6.
8.5
CVE-2025-30569 - WordPress WP Featured Entries plugin <= - 1.0 SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jahertor WP Featured Entries wp-featured-entries allows SQL Injection.This issue affects WP Featured Entries: from n/a through <= 1.0.
4.3
CVE-2025-30568 - WordPress Super Static Cache plugin <= 3.3.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in hitoy Super Static Cache super-static-cache allows Cross Site Request Forgery.This issue affects Super Static Cache: from n/a through <= 3.3.5.