0.0
CVE-2025-64368 - WordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site Request Forgery.This issue affects Bard: from n/a through <= 1.6.
0.0
CVE-2025-64367 - WordPress Groundhogg plugin <= 4.2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey Groundhogg groundhogg allows Stored XSS.This issue affects Groundhogg: from n/a through <= 4.2.6.
0.0
CVE-2025-64366 - WordPress MasterStudy LMS plugin <= 3.6.27 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.This issue affects MasterStudy LMS: from n/a through <= 3.6.27.
0.0
CVE-2025-64365 - WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through <= 3.6.0.
0.0
CVE-2025-64364 - WordPress Masterstudy theme < 4.8.126 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Masterstudy masterstudy allows PHP Local File Inclusion.This issue affects Masterstudy: from n/a through < 4.8.126.
0.0
CVE-2025-64363 - WordPress Kleo theme < 5.5.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeventhQueen Kleo kleo allows PHP Local File Inclusion.This issue affects Kleo: from n/a through < 5.5.0.
0.0
CVE-2025-64362 - WordPress K Elements plugin < 5.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen K Elements k-elements allows DOM-Based XSS.This issue affects K Elements: from n/a through < 5.5.0.
0.0
CVE-2025-64361 - WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2.
0.0
CVE-2025-64360 - WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.โฆ
0.0
CVE-2025-64359 - WordPress Consulting theme < 6.7.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through < 6.7.5.