6.5
CVE-2025-22743 - WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian β¦
6.5
CVE-2025-22744 - WordPress S-DEV SEO plugin <= 1.88 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seodev S-DEV SEO s-dev-seo allows Stored XSS.This issue affects S-DEV SEO: from n/a through <= 1.88.
6.5
CVE-2025-22745 - WordPress Navigation Du Lapin Blanc plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bjoerne Navigation Du Lapin Blanc navigation-du-lapin-blanc allows DOM-Based XSS.This issue affects Navigation Du Lapin Blanc: from n/a through <= 1.1.1.
6.5
CVE-2025-22746 - WordPress HireHive Job Plugin plugin <= 2.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zartis HireHive Job Plugin zartis-job-plugin allows Stored XSS.This issue affects HireHive Job Plugin: from n/a through <= 2.9.0.
6.5
CVE-2025-22747 - WordPress Foundation Columns plugin <= 0.8 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tormorten Foundation Columns foundation-columns allows Stored XSS.This issue affects Foundation Columns: from n/a through <= 0.8.
6.5
CVE-2025-22748 - WordPress SetMore Theme β Custom Post Types plugin <= 1.1 - Stored Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Setmore SetMore Theme β Custom Post Types service-provider-profile-cpt allows Stored XSS.This issue affects SetMore Theme β Custom Post Types: from n/a through <= 1.1.
6.5
CVE-2025-22749 - WordPress Social Media Engine plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemesCraft.co Social Media Engine social-media-engine allows Stored XSS.This issue affects Social Media Engine: from n/a through <= 1.0.2.
7.1
CVE-2025-22750 - WordPress Post Carousel & Slider plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Patel Post Carousel & Slider post-types-carousel-slider allows Reflected XSS.This issue affects Post Carousel & Slider: from n/a through <= 1.0.4.
7.1
CVE-2025-22751 - WordPress Partners Plugin <= 0.2.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in farinspace Partners partners allows Reflected XSS.This issue affects Partners: from n/a through <= 0.2.0.
7.1
CVE-2025-22752 - WordPress GSheetConnector for Forminator Forms Plugin <= 1.0.12 - Reflected Cross Site Scripting (Xβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WesternDeal GSheetConnector for Forminator Forms gsheetconnector-forminator allows Reflected XSS.This issue affects GSheetConnector for Forminator Forms: from n/a through <= 1.0.12.