0.0
CVE-2025-22775 - WordPress Catalog Importer, Scraper & Crawler Plugin <= 5.1.3 - Reflected Cross Site Scripting (XSSโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in idiatech Catalog Importer, Scraper & Crawler intelligent-importer allows Reflected XSS.This issue affects Catalog Importer, Scraper & Crawler: from n/a through <= 5.1.3.
0.0
CVE-2025-22704 - WordPress Signature plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abinav Thakuri WordPress Signature wordpress-signature allows Reflected XSS.This issue affects WordPress Signature: from n/a through <= 0.1.
0.0
CVE-2025-22703 - WordPress Forge โ Front-End Page Builder plugin <= 1.4.6 - CSRF to Stored Cross Site Scripting (XSSโฆ
Cross-Site Request Forgery (CSRF) vulnerability in manuelvicedo Forge โ Front-End Page Builder forge allows Stored XSS.This issue affects Forge โ Front-End Page Builder: from n/a through <= 1.4.6.
0.0
CVE-2025-22701 - WordPress Traveler Layout Essential For Elementor plugin < 1.4 - Server Side Request Forgery (SSRF)โฆ
Server-Side Request Forgery (SSRF) vulnerability in shinetheme Traveler Layout Essential For Elementor traveler-layout-essential-for-elementor.This issue affects Traveler Layout Essential For Elementor: from n/a through < 1.4.
0.0
CVE-2025-22695 - WordPress Nirweb support plugin <= 3.0.3 - Broken Access Control vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in NirWp Team Nirweb support nirweb-support.This issue affects Nirweb support: from n/a through <= 3.0.3.
0.0
CVE-2025-22694 - WordPress Hide Shipping Method For WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Dotstore Hide Shipping Method For WooCommerce hide-shipping-method-for-woocommerce.This issue affects Hide Shipping Method For WooCommerce: from n/a through <= 1.5.1.
7.2
CVE-2025-22693 - WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection.This issue affects Contest Gallery: from n/a through <= 25.1.0.
0.0
CVE-2025-22691 - WordPress WP Travel plugin <= 10.1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows SQL Injection.This issue affects WP Travel: from n/a through <= 10.1.3.
0.0
CVE-2025-22690 - WordPress DigiTimber cPanel Integration plugin <= 1.4.6 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in DigiTimber DigiTimber cPanel Integration digitimber-cpanel-integration allows Stored XSS.This issue affects DigiTimber cPanel Integration: from n/a through <= 1.4.6.
0.0
CVE-2025-22688 - WordPress Unlimited Page Sidebars plugin <= 0.2.6 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ederson Peka Unlimited Page Sidebars unlimited-page-sidebars allows Stored XSS.This issue affects Unlimited Page Sidebars: from n/a through <= 0.2.6.