0.0
CVE-2025-23926 - WordPress Ajax WP Query Search Filter plugin <= 1.0.7 - Stored Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TC.K Ajax WP Query Search Filter ajax-wp-query-search-filter allows Stored XSS.This issue affects Ajax WP Query Search Filter: from n/a through <= 1.0.7.
0.0
CVE-2025-23916 - WordPress WP Meetup plugin <= 2.3.0 - Settings Change vulnerability
Missing Authorization vulnerability in Nuanced Media WP Meetup wp-meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meetup: from n/a through <= 2.3.0.
0.0
CVE-2025-23919 - WordPress Slides & Presentations Plugin <= 0.0.39 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Ella Van Durpe Slides & Presentations slide allows Code Injection.This issue affects Slides & Presentations: from n/a through <= 0.0.39.
0.0
CVE-2025-23912 - WordPress WordPress Custom Sidebar Plugin <= 2.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Philipp Speck WordPress Custom Sidebar wordpress-custom-sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through <= 2.3.
0.0
CVE-2025-23901 - WordPress GravatarLocalCache plugin <= 1.1.2 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in cybio GravatarLocalCache gravatarlocalcache allows Cross Site Request Forgery.This issue affects GravatarLocalCache: from n/a through <= 1.1.2.
0.0
CVE-2025-23913 - WordPress Google Map Professional Plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pankajpragma WordPress Google Map Professional google-map-professional allows SQL Injection.This issue affects WordPress Google Map Professional: from n/a through <= 1.0.
0.0
CVE-2025-23911 - WordPress Solidres β Hotel booking plugin for WordPress Plugin <= 0.9.4 - SQL Injection vulnerabiliβ¦
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in solidres Solidres β Hotel booking plugin solidres allows SQL Injection.This issue affects Solidres β Hotel booking plugin: from n/a through <= 0.9.4.
0.0
CVE-2025-23909 - WordPress Compare Ninja plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Compare Ninja compare-ninja-comparison-tables allows Stored XSS.This issue affects Compare Ninja: from n/a through <= 2.1.0.
0.0
CVE-2025-23908 - WordPress Pastebin plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rami Yushuvaev Pastebin pastebin-embed allows Stored XSS.This issue affects Pastebin: from n/a through <= 1.5.
0.0
CVE-2025-23900 - WordPress Genki Announcement plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in genkisan Genki Announcement genki-announcement allows Cross Site Request Forgery.This issue affects Genki Announcement: from n/a through <= 1.4.1.