6.5
CVE-2025-27347 - WordPress Direct Checkout Button for WooCommerce plugin <= 1.0 - Cross Site Scripting (XSS) vulneraโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techmix Direct Checkout Button for WooCommerce woo-direct-checkout-button allows Stored XSS.This issue affects Direct Checkout Button for WooCommerce: from n/a through <= 1.0.
4.3
CVE-2025-27344 - WordPress Phee's LinkPreview Plugin <= 1.6.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in filipstepanov Phee's LinkPreview linkpreview allows Cross Site Request Forgery.This issue affects Phee's LinkPreview: from n/a through <= 1.6.7.
4.3
CVE-2025-27342 - WordPress WooCommerce Recargo de Equivalencia Plugin <= 1.6.24 - Cross Site Request Forgery (CSRF) โฆ
Cross-Site Request Forgery (CSRF) vulnerability in josesan WooCommerce Recargo de Equivalencia woo-recargo-de-equivalencia allows Cross Site Request Forgery.This issue affects WooCommerce Recargo de Equivalencia: from n/a through <= 1.6.24.
6.5
CVE-2025-27341 - WordPress Reactive Mortgage Calculator plugin <= 1.1 - Stored Cross Site Scripting (XSS) vulnerabilโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in afzal_du Reactive Mortgage Calculator reactive-mortgage-calculator allows Stored XSS.This issue affects Reactive Mortgage Calculator: from n/a through <= 1.1.
5.4
CVE-2025-27340 - WordPress F12-Profiler Plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Forge12 Interactive GmbH F12-Profiler f12-profiler allows Cross Site Request Forgery.This issue affects F12-Profiler: from n/a through <= 1.3.9.
4.3
CVE-2025-27339 - WordPress Minimum Password Strength Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerabiliโฆ
Cross-Site Request Forgery (CSRF) vulnerability in Will Anderson Minimum Password Strength minimum-password-strength allows Cross Site Request Forgery.This issue affects Minimum Password Strength: from n/a through <= 1.2.0.
4.3
CVE-2025-27336 - WordPress Just Variables Plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just Variables just-wp-variables allows Cross Site Request Forgery.This issue affects Just Variables: from n/a through <= 1.2.3.
4.3
CVE-2025-27335 - WordPress Auto Tag Links Plugin <= 1.0.13 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Free plug in by SEO Roma Auto Tag Links auto-tag-links allows Cross Site Request Forgery.This issue affects Auto Tag Links: from n/a through <= 1.0.13.
7.1
CVE-2025-27332 - WordPress Smart Maintenance & Countdown Plugin <= 1.2 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in gmnazmul Smart Maintenance & Countdown smart-maintenance-countdown allows Stored XSS.This issue affects Smart Maintenance & Countdown: from n/a through <= 1.2.
6.5
CVE-2025-27331 - WordPress WooCommerce Display Products by Tags plugin <= 1.0.0 - Cross Site Scripting (XSS) vulneraโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sรฉbastien Dumont WooCommerce Display Products by Tags woocommerce-display-products-by-tags allows DOM-Based XSS.This issue affects WooCommerce Display Products by Tags: from n/a through <= 1.0.0.