0.0
CVE-2025-24656 - WordPress Realtyna Provisioning Plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Provisioning realtyna-provisioning allows Reflected XSS.This issue affects Realtyna Provisioning: from n/a through <= 1.2.2.
0.0
CVE-2025-24646 - WordPress XML for Avito Plugin <= 2.5.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc XML for Avito xml-for-avito allows Reflected XSS.This issue affects XML for Avito: from n/a through <= 2.5.2.
0.0
CVE-2025-24643 - WordPress WPGuppy plugin <= 1.1.0 - Broken Authentication vulnerability
Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPGuppy: from n/a through <= 1.1.0.
0.0
CVE-2025-24642 - WordPress Setup Default Featured Image plugin <= 1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in theme funda Setup Default Featured Image setup-default-feature-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Setup Default Featured Image: from n/a through <= 1.2.
0.0
CVE-2025-24639 - WordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Greys Korea for WooCommerce korea-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Korea for WooCommerce: from n/a through <= 1.1.11.
0.0
CVE-2025-24631 - WordPress BP Email Assign Templates Plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shanebp BP Email Assign Templates bp-email-assign-templates allows Reflected XSS.This issue affects BP Email Assign Templates: from n/a through <= 1.5.
0.0
CVE-2025-24630 - WordPress Sikshya LMS Plugin <= 0.0.21 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MantraBrain Sikshya LMS sikshya allows Reflected XSS.This issue affects Sikshya LMS: from n/a through <= 0.0.21.
0.0
CVE-2025-24629 - WordPress Import Excel to Gravity Forms Plugin <= 1.18 - Reflected Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpgear Import Excel to Gravity Forms gf-excel-import allows Reflected XSS.This issue affects Import Excel to Gravity Forms: from n/a through <= 1.18.
0.0
CVE-2025-24620 - WordPress AIO Shortcodes plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hkharpreetkumar1 AIO Shortcodes aio-shortcodes allows Stored XSS.This issue affects AIO Shortcodes: from n/a through <= 1.3.
7.2
CVE-2025-24605 - WordPress WOLF plugin <= 1.0.8.5 - Path Traversal vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RealMag777 WOLF bulk-editor allows Path Traversal.This issue affects WOLF: from n/a through <= 1.0.8.5.