0.0
CVE-2025-24707 - WordPress Photo Gallery β GT3 Image Gallery & Gutenberg Block Gallery plugin <= 2.7.7.24 - Reflecteβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery gt3-photo-video-gallery allows Reflected XSS.This issue affects Photo Gallery: from n/a through <= 2.7.7.24.
0.0
CVE-2025-24697 - WordPress Image Gallery β Responsive Photo Gallery plugin <= 1.0.5 - Broken Access Control vulnerabβ¦
Missing Authorization vulnerability in Realwebcare Image Gallery β Responsive Photo Gallery awesome-responsive-photo-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Gallery β Responsive Photo Gallery: from n/a through <= 1.0.5.
0.0
CVE-2025-24684 - WordPress Media Downloader Plugin <= 0.4.7.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ederson Peka Media Downloader media-downloader allows Reflected XSS.This issue affects Media Downloader: from n/a through <= 0.4.7.5.
0.0
CVE-2025-24676 - WordPress Custom WP Store Locator plugin <= 1.4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator custom-store-locator allows Reflected XSS.This issue affects Custom WP Store Locator: from n/a through <= 1.4.7.
0.0
CVE-2025-24660 - WordPress Simple Membership Custom Messages Plugin <= 2.4 - Reflected Cross Site Scripting (XSS) vuβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership Custom Messages simple-membership-custom-messages allows Reflected XSS.This issue affects Simple Membership Custom Messages: from n/a through <= 2.4.
0.0
CVE-2025-24656 - WordPress Realtyna Provisioning Plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Provisioning realtyna-provisioning allows Reflected XSS.This issue affects Realtyna Provisioning: from n/a through <= 1.2.2.
0.0
CVE-2025-24646 - WordPress XML for Avito Plugin <= 2.5.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc XML for Avito xml-for-avito allows Reflected XSS.This issue affects XML for Avito: from n/a through <= 2.5.2.
0.0
CVE-2025-24643 - WordPress WPGuppy plugin <= 1.1.0 - Broken Authentication vulnerability
Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPGuppy: from n/a through <= 1.1.0.
0.0
CVE-2025-24642 - WordPress Setup Default Featured Image plugin <= 1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in theme funda Setup Default Featured Image setup-default-feature-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Setup Default Featured Image: from n/a through <= 1.2.
0.0
CVE-2025-24639 - WordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Greys Korea for WooCommerce korea-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Korea for WooCommerce: from n/a through <= 1.1.11.