7.3
CVE-2024-13472 - WooCommerce Product Table Lite <= 3.9.4 - Unauthenticated Arbitrary Shortcode Execution & Reflectedβ¦
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.9.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it β¦
7.1
CVE-2025-24749 - WordPress EZPZ SAML SP Single Sign On (SSO) plugin <= 1.2.5 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP Single Sign On (SSO) allows Cross Site Request Forgery. This issue affects EZPZ SAML SP Single Sign On (SSO): from n/a through 1.2.5.
7.1
CVE-2025-24718 - WordPress WP Sessions Time Monitoring Full Automatic Plugin <= 1.1.1 - Reflected Cross Site Scriptiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Reflected XSS.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.1.
7.1
CVE-2025-24710 - WordPress Gwolle Guestbook plugin <= 4.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcel Pol Gwolle Guestbook gwolle-gb allows Reflected XSS.This issue affects Gwolle Guestbook: from n/a through <= 4.7.1.
7.1
CVE-2025-24686 - WordPress RegistrationMagic Plugin <= 6.0.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Reflected XSS.This issue affects RegistrationMagic: from n/a through <= 6.0.3.3.
7.1
CVE-2025-24635 - WordPress Paytm β Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in integrationdevpaytm Paytm Payment Donation paytm-donation allows Reflected XSS.This issue affects Paytm Payment Donation: from n/a through <= 2.3.1.
7.1
CVE-2025-24632 - WordPress Advanced Dynamic Pricing for WooCommerce Plugin <= 4.9.0 -Reflected Cross Site Scripting β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Reflected XSS.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through <= 4.β¦
7.1
CVE-2025-24609 - WordPress PORTONE μ°μ»€λ¨Έμ€ κ²°μ Plugin <= 3.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PORTONE PORTONE μ°μ»€λ¨Έμ€ κ²°μ iamport-for-woocommerce allows Reflected XSS.This issue affects PORTONE μ°μ»€λ¨Έμ€ κ²°μ : from n/a through <= 3.2.4.
7.1
CVE-2025-24608 - WordPress GD Mail Queue Plugin <= 4.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD Mail Queue gd-mail-queue allows Reflected XSS.This issue affects GD Mail Queue: from n/a through <= 4.3.
6.5
CVE-2025-24597 - WordPress Barcode Generator for WooCommerce plugin <= 2.0.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce embedding-barcodes-into-product-pages-and-orders allows Retrieve Embedded Sensitive Data.This issue affects Barcode Generator for WooCommerce: from n/a through <= 2β¦