0.0
CVE-2025-23874 - WordPress WP Block Pack plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FalconTheme Team WP Block Pack wp-block-pack allows Reflected XSS.This issue affects WP Block Pack: from n/a through <= 1.1.6.
0.0
CVE-2025-23867 - WordPress WordPress File Search Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markcoker WordPress File Search wpfilesearch allows Reflected XSS.This issue affects WordPress File Search: from n/a through <= 1.2.
0.0
CVE-2025-23866 - WordPress EU DSGVO Helper Plugin <= 1.0.6.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E. Marten EU DSGVO Helper dsgvo allows Reflected XSS.This issue affects EU DSGVO Helper: from n/a through <= 1.0.6.1.
0.0
CVE-2025-23811 - WordPress WP2APP Plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ghasemy14 WP2APP wp2appir allows Reflected XSS.This issue affects WP2APP: from n/a through <= 2.6.2.
0.0
CVE-2025-23806 - WordPress Ultimate Subscribe Plugin <=1.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe ultimate-subscribe allows Reflected XSS.This issue affects Ultimate Subscribe: from n/a through <= 1.3.
0.0
CVE-2025-23803 - WordPress Snippy Plugin <= 1.4.1 - CSRF to Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rik Schennink Snippy snippy allows Reflected XSS.This issue affects Snippy: from n/a through <= 1.4.1.
6.1
CVE-2025-23798 - WordPress Mass Messaging in BuddyPress Plugin <= 2.2.1 - Reflected Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ElbowRobo Mass Messaging in BuddyPress mass-messaging-in-buddypress allows Reflected XSS.This issue affects Mass Messaging in BuddyPress: from n/a through <= 2.2.1.
0.0
CVE-2025-23784 - WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/β¦
0.0
CVE-2025-23781 - WordPress WM Options Import Export plugin <= 1.0.1 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Web Mumbai WM Options Import Export wm-options-import-export allows Retrieve Embedded Sensitive Data.This issue affects WM Options Import Export: from n/a through <= 1.0.1.
0.0
CVE-2025-23774 - WordPress WPDB to Sql plugin <= 1.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Niket Joshi WPDB to Sql wpdb-to-sql allows Retrieve Embedded Sensitive Data.This issue affects WPDB to Sql: from n/a through <= 1.2.