0.0
CVE-2025-24573 - WordPress Pagelayer plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Softaculous PageLayer pagelayer allows DOM-Based XSS.This issue affects PageLayer: from n/a through <= 1.9.4.
0.0
CVE-2025-24547 - WordPress Caching Compatible Cookie Opt-In plugin <= 0.0.10 - Stored Cross Site Scripting (XSS) vulβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthias.wagner Caching Compatible Cookie Opt-In and JavaScript caching-compatible-cookie-optin-and-javascript allows Stored XSS.This issue affects Caching Compatible Cookie Opt-In and JavaScript: β¦
0.0
CVE-2025-24552 - WordPress Paytium plugin <= 4.4.11 - Full Path Disclosure (FPD) vulnerability
Generation of Error Message Containing Sensitive Information vulnerability in paytiumsupport Paytium paytium allows Retrieve Embedded Sensitive Data.This issue affects Paytium: from n/a through <= 4.4.11.
0.0
CVE-2025-24570 - WordPress Atarim plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Stored XSS.This issue affects Atarim: from n/a through <= 4.0.8.
0.0
CVE-2025-24579 - WordPress Nested pages plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages wp-nested-pages allows Stored XSS.This issue affects Nested Pages: from n/a through <= 3.2.9.
0.0
CVE-2025-24589 - WordPress JSM Show Post Metadata plugin <= 4.6.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in JS Morisset JSM Show Post Metadata jsm-show-post-meta allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JSM Show Post Metadata: from n/a through <= 4.6.0.
0.0
CVE-2025-24542 - WordPress Icegram Engage plugin <= 3.1.31 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram icegram allows Stored XSS.This issue affects Icegram: from n/a through <= 3.1.31.
0.0
CVE-2025-24585 - WordPress Event post plugin <= 5.9.7 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through <= 5.9.7.
5.4
CVE-2025-24578 - WordPress ElementInvader Addons for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue affects ElementInvader Addons for Elementor: from n/a through <= 1.3.0.
0.0
CVE-2025-24571 - WordPress WP Fast Total Search plugin <= 1.78.258 - Broken Access Control vulnerability
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.78.258.