Filtered by vendor Wordpress Subscriptions
Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)
Total 7078 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-57965 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CodeUs WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3.
CVE-2025-58005 1 Wordpress 1 Wordpress 2025-09-23 5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft DriCub allows Server Side Request Forgery. This issue affects DriCub: from n/a through 2.9.
CVE-2025-58015 2 Ays-pro, Wordpress 2 Quiz Maker, Wordpress 2025-09-23 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker allows Retrieve Embedded Sensitive Data. This issue affects Quiz Maker: from n/a through 6.7.0.61.
CVE-2025-57980 1 Wordpress 1 Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit allows Stored XSS. This issue affects Safety Exit: from n/a through 1.8.0.
CVE-2025-58000 2 Memberful, Wordpress 2 Memberful, Wordpress 2025-09-23 5.3 Medium
Missing Authorization vulnerability in memberful Memberful allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Memberful: from n/a through 1.75.0.
CVE-2025-58228 3 Shapedplugin, Woocommerce, Wordpress 3 Quick View, Woocommerce, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin LLC Quick View for WooCommerce allows Stored XSS. This issue affects Quick View for WooCommerce: from n/a through 2.2.16.
CVE-2025-58023 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in akdevs Genealogical Tree allows Stored XSS. This issue affects Genealogical Tree: from n/a through 2.2.5.
CVE-2025-57993 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Pick Geolocation IP Detection allows Stored XSS. This issue affects Geolocation IP Detection: from n/a through 5.5.0.
CVE-2025-57987 2 Thimpress, Wordpress 2 Wp Events Manager, Wordpress 2025-09-23 5.3 Medium
Missing Authorization vulnerability in ThimPress WP Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Events Manager: from n/a through 2.2.1.
CVE-2025-57981 2 Catchsquare, Wordpress 2 Wp Social Widget, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.3.1.
CVE-2025-57962 2 E4jconnect, Wordpress 2 Vikrestaurants Table Reservations And Take-away, Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants Table Reservations and Take-Away allows Stored XSS. This issue affects VikRestaurants Table Reservations and Take-Away: from n/a through 1.4.
CVE-2025-57992 2 Interserver, Wordpress 2 Mail Baby Smtp, Wordpress 2025-09-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in InterServer Mail Baby SMTP allows Cross Site Request Forgery. This issue affects Mail Baby SMTP: from n/a through 2.8.
CVE-2025-57985 2 Mantrabrain, Wordpress 2 Ultimate Watermark, Wordpress 2025-09-23 4.3 Medium
Missing Authorization vulnerability in MantraBrain Ultimate Watermark allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Watermark: from n/a through 1.1.
CVE-2025-57968 2 E4jconnect, Wordpress 2 Vikrestaurants Table Reservations And Take-away, Wordpress 2025-09-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants Table Reservations and Take-Away allows Reflected XSS. This issue affects VikRestaurants Table Reservations and Take-Away: from n/a through 1.4.
CVE-2025-58025 2 Averta, Wordpress 2 Master Slider, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in averta Master Slider allows Stored XSS. This issue affects Master Slider: from n/a through 3.11.0.
CVE-2025-58003 2 Javothemes, Wordpress 2 Javo Core, Wordpress 2025-09-23 5.3 Medium
Missing Authorization vulnerability in javothemes Javo Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Javo Core: from n/a through 3.0.0.266.
CVE-2025-57984 2 Makestories, Wordpress 2 Makestories (for Google Web Stories), Wordpress 2025-09-23 4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Pratik Ghela MakeStories (for Google Web Stories) allows Server Side Request Forgery. This issue affects MakeStories (for Google Web Stories): from n/a through 3.0.4.
CVE-2025-58224 1 Wordpress 1 Wordpress 2025-09-23 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Printeers Printeers Print & Ship allows Cross Site Request Forgery. This issue affects Printeers Print & Ship: from n/a through 1.17.0.
CVE-2025-57967 3 Woocommerce, Wordpress, Wpbean 3 Woocommerce, Wordpress, Wpb Quick View 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean WPB Quick View for WooCommerce allows Stored XSS. This issue affects WPB Quick View for WooCommerce: from n/a through 2.1.8.
CVE-2025-57964 2 Photonicgnostic, Wordpress 2 Library Bookshelves, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in photonicgnostic Library Bookshelves allows Stored XSS. This issue affects Library Bookshelves: from n/a through 5.11.