Full List

Search

Recent Vulnerabilities

• CVE-2025-24548 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Autoglot Autoglot – Automatic WordPress Translation allows Reflected XSS. This issue affects Autoglot – Automatic WordPress Translation: from n/a through 2.4.7.
• CVE-2025-24550 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JobScore Job Manager allows Stored XSS. This issue affects Job Manager: from n/a through 2.2.
• CVE-2025-24553 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akadrama Shipping with Venipak for WooCommerce allows Reflected XSS. This issue affects Shipping with Venipak for WooCommerce: from n/a through 1.22.3.
• CVE-2025-24577 • published on April 17, 2025 Missing Authorization vulnerability in Ays Pro Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Poll Maker: from n/a through 5.5.0.
• CVE-2025-24581 • published on April 17, 2025 Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7.
• CVE-2025-24583 • published on April 17, 2025 Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through 3.16.5.
• CVE-2025-24586 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitsstech Shipment Tracker for Woocommerce allows Reflected XSS. This issue affects Shipment Tracker for Woocommerce: from n/a through 1.4.23.
• CVE-2025-24619 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webheadcoder WP Log Action allows Reflected XSS. This issue affects WP Log Action: from n/a through 0.51.
• CVE-2025-24621 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes allows Reflected XSS. This issue affects Arconix Shortcodes: from n/a through 2.1.15.
• CVE-2025-24624 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTech HT Event allows Reflected XSS. This issue affects HT Event: from n/a through 1.4.6.
• CVE-2025-24637 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture allows Reflected XSS. This issue affects Beacon Lead Magnets and Lead Capture: from n/a through 1.5.7.
• CVE-2025-24640 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan-Lucian Stefancu Empty Tags Remover allows Reflected XSS. This issue affects Empty Tags Remover: from n/a through 1.0.
• CVE-2025-24645 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Scott Eazy Under Construction allows Reflected XSS. This issue affects Eazy Under Construction: from n/a through 1.0.
• CVE-2025-24651 • published on April 17, 2025 Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration allows Retrieve Embedded Sensitive Data. This issue affects WordPress Backup & Migration: from n/a through 1.5.3.
• CVE-2025-24655 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 1.0.39.
• CVE-2025-24670 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhanendran Rajagopal Term Taxonomy Converter allows Reflected XSS. This issue affects Term Taxonomy Converter: from n/a through 1.2.
• CVE-2025-24737 • published on April 17, 2025 Missing Authorization vulnerability in Mat Bao Corporation WP Helper Premium allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Helper Premium: from n/a through 4.6.1.
• CVE-2025-24745 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Classified Listing allows Reflected XSS. This issue affects Classified Listing: from n/a through 4.0.1.
• CVE-2025-24752 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Reflected XSS. This issue affects Essential Addons for Elementor: from n/a through 6.0.14.
• CVE-2025-27282 • published on April 17, 2025 Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator allows Using Malicious Files. This issue affects Theme File Duplicator: from n/a through 1.3.