Common Vulnerabilities and Exposures (CVE)

CVE-2025-22646

May 12, 2026 23:55:58 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Element...

CVE-2025-22659

May 12, 2026 23:55:42 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through <= 2.10...

CVE-2025-22638

May 12, 2026 23:55:28 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in acowebs Product Table For WooCommerce product-table-for-woocommerce allows Stored XSS.This issue affects Product Table For WooCommerce: fr...

CVE-2025-22665

May 12, 2026 23:55:13 UTC

Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad unusedcss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through <= 2.4.4.

CVE-2025-23487

May 12, 2026 23:54:58 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in odihost Easy Gallery simple-gallery-odihost allows Reflected XSS.This issue affects Easy Gallery: from n/a through <= 1.4.

CVE-2025-23741

May 12, 2026 23:54:44 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian Chaillou Notifications Center notifications-center allows Reflected XSS.This issue affects Notifications Center: from n/a through ...

CVE-2025-23451

May 12, 2026 23:54:30 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titodevera Awesome Twitter Feeds awesome-twitter-feeds allows Reflected XSS.This issue affects Awesome Twitter Feeds: from n/a through <= ...

CVE-2025-23613

May 12, 2026 23:54:15 UTC

Missing Authorization vulnerability in mediabeta WP Journal wpjournal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Journal: from n/a through <= 1.1.

CVE-2025-23813

May 12, 2026 23:54:01 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tony Hayes Guten Free Options guten-free-options allows Reflected XSS.This issue affects Guten Free Options: from n/a through <= 0.9.7.

CVE-2025-23829

May 12, 2026 23:53:46 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codingkart Woo Update Variations In Cart woo-update-variations-in-cart allows Stored XSS.This issue affects Woo Update Variations In Cart:...

CVE-2025-23576

May 12, 2026 23:53:32 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cfuze WP Intro.JS wp-intro-js-tours allows Reflected XSS.This issue affects WP Intro.JS: from n/a through <= 1.1.

CVE-2025-23439

May 12, 2026 23:53:17 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in willshouse TinyMCE Extended Config tinymce-extended-config allows Reflected XSS.This issue affects TinyMCE Extended Config: from n/a throu...

CVE-2025-23731

May 12, 2026 23:53:02 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in infosoftplugin Tax Report for WooCommerce tax-report-for-woocommerce allows Reflected XSS.This issue affects Tax Report for WooCommerce: f...

CVE-2025-23738

May 12, 2026 23:52:48 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Padam Shankhadev Ps Ads Pro ps-ads-pro allows Reflected XSS.This issue affects Ps Ads Pro: from n/a through <= 1.0.0.

CVE-2025-23726

May 12, 2026 23:52:33 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thebloghouse ComparePress comparepress allows Reflected XSS.This issue affects ComparePress: from n/a through <= 2.0.8.