0.0
CVE-2025-22653 - WordPress Music Press Pro plugin <=1.4.6 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tuyennv Music Press Pro music-press-pro allows Stored XSS.This issue affects Music Press Pro: from n/a through <= 1.4.6.
0.0
CVE-2025-22643 - WordPress OnePress theme <= 2.3.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through <= 2.3.11.
0.0
CVE-2025-22642 - WordPress Dynamic Conditions plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites Dynamic Conditions dynamicconditions allows Stored XSS.This issue affects Dynamic Conditions: from n/a through <= 1.7.4.
0.0
CVE-2025-22641 - WordPress FM Notification Bar plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prem Tiwari FM Notification Bar fm-notification-bar allows Stored XSS.This issue affects FM Notification Bar: from n/a through <= 1.0.4.
0.0
CVE-2025-24677 - WordPress Post/Page Copying Tool to Export and Import post/page for Cross site Migration Plugin <= โฆ
Improper Control of Generation of Code ('Code Injection') vulnerability in wpspin Post/Page Copying Tool postpage-import-export-with-custom-fields-taxonomies allows Remote Code Inclusion.This issue affects Post/Page Copying Tool: from n/a through <= 2.0.3.
0.0
CVE-2025-24648 - WordPress Admin and Site Enhancements (ASE) Plugin <= 7.6.2.1 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Privilege Escalation.This issue affects Admin and Site Enhancements (ASE): from n/a through <= 7.6.2.1.
0.0
CVE-2025-24602 - WordPress WP24 Domain Check plugin <= 1.10.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP24 WP24 Domain Check wp24-domain-check allows Reflected XSS.This issue affects WP24 Domain Check: from n/a through <= 1.10.14.
0.0
CVE-2025-24599 - WordPress Newsletters plugin <= 4.9.9.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletters: from n/a through <= 4.9.9.6.
6.1
CVE-2025-24598 - WordPress WP Mailster plugin <= 1.8.17.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Reflected XSS.This issue affects WP Mailster: from n/a through <= 1.8.17.0.
0.0
CVE-2025-23645 - WordPress Find Content IDs plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Optimize Worldwide Find Content IDs find-content-ids allows Reflected XSS.This issue affects Find Content IDs: from n/a through <= 1.0.