7.1
CVE-2025-26568 - WordPress Easy Amazon Product Information plugin <= 4.0.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in jensmueller Easy Amazon Product Information easy-amazon-product-information allows Stored XSS.This issue affects Easy Amazon Product Information: from n/a through <= 4.0.1.
6.5
CVE-2025-26567 - WordPress Font Awesome WP plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in farjana55 Font Awesome WP font-awesome-wp allows DOM-Based XSS.This issue affects Font Awesome WP: from n/a through <= 1.0.
7.1
CVE-2025-26562 - WordPress RSS FIlter Plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Patnaik RSS Filter rss-filter allows Stored XSS.This issue affects RSS Filter: from n/a through <= 1.2.
5.9
CVE-2025-26561 - WordPress Elfsight Yottie Lite Plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elfsight Elfsight Yottie Lite yottie-lite allows Stored XSS.This issue affects Elfsight Yottie Lite: from n/a through <= 1.3.3.
6.5
CVE-2025-26558 - WordPress Aparat Responsive plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mkkmail Aparat Responsive aparat-responsive allows DOM-Based XSS.This issue affects Aparat Responsive: from n/a through <= 1.3.
7.1
CVE-2025-26552 - WordPress Naver Syndication V2 plugin <= 0.8.3 - CSRF to Stored Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in badrHan Naver Syndication V2 badr-naver-syndication allows Stored XSS.This issue affects Naver Syndication V2: from n/a through <= 0.8.3.
7.1
CVE-2025-26551 - WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through <= 1.0.4.
7.1
CVE-2025-26550 - WordPress Global Meta Keyword & Description plugin <= 2.3 - CSRF to Cross-Site Scripting vulnerabilβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Kunal Shivale Global Meta Keyword & Description global-meta-keyword-and-description allows Stored XSS.This issue affects Global Meta Keyword & Description: from n/a through <= 2.3.
7.1
CVE-2025-26549 - WordPress WP Html Page Sitemap plugin <= 2.2 - CSRF to Stored Cross-Site Scripting
Cross-Site Request Forgery (CSRF) vulnerability in pa1 WP Html Page Sitemap wp-html-page-sitemap allows Stored XSS.This issue affects WP Html Page Sitemap: from n/a through <= 2.2.
7.1
CVE-2025-26547 - WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS.This issue affects My Login Logout Plugin: from n/a through <= 2.4.