HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-23857

May 11, 2026 23:35:21 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-estate allows Reflected XSS.This issue affects Essential WP Real Estate: from n/a...

CVE-2025-23853

May 11, 2026 23:35:08 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in michelem NoFollow Free nofollow-free allows Reflected XSS.This issue affects NoFollow Free: from n/a through <= 1.6.3.

CVE-2025-22702

May 11, 2026 23:34:57 UTC

Missing Authorization vulnerability in ThemeGoods Photography photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photography: from n/a through <= 7.7.2.

CVE-2025-24688

May 11, 2026 23:34:45 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Reflected XSS.This issue affects WP Mailster: from n/a through <= 1.8.20.0.

CVE-2025-24617

May 11, 2026 23:34:34 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Reflected XSS.This issue affects AcyMailing SMTP Newsletter: from ...

CVE-2025-24567

May 11, 2026 23:34:22 UTC

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through <= 1.8.16.0.

CVE-2025-24558

May 11, 2026 23:34:09 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks support-x allows Reflected XSS.This issue affects CRM Perks: from n/a through <= 1.1.5.

CVE-2025-24565

May 11, 2026 23:33:58 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saleswonder Team: Tobias WP2LEADS wp2leads allows Reflected XSS.This issue affects WP2LEADS: from n/a through <= 3.3.3.

CVE-2025-24554

May 11, 2026 23:33:46 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awcode AWcode Toolkit awcode-toolkit allows Reflected XSS.This issue affects AWcode Toolkit: from n/a through <= 1.0.14.

CVE-2025-24592

May 11, 2026 23:33:35 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SysBasics Customize My Account for WooCommerce customize-my-account-for-woocommerce allows Reflected XSS.This issue affects Customize My A...

CVE-2025-24615

May 11, 2026 23:33:23 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps Analytics Cat analytics-cat allows Reflected XSS.This issue affects Analytics Cat: from n/a through <= 1.1.2.

CVE-2025-24614

May 11, 2026 23:33:09 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agile Logix Post Timeline post-timeline allows Reflected XSS.This issue affects Post Timeline: from n/a through <= 2.3.9.

CVE-2025-24616

May 11, 2026 23:32:58 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UIUX Lab Uix Page Builder uix-page-builder allows Reflected XSS.This issue affects Uix Page Builder: from n/a through <= 1.7.3.

CVE-2025-24692

May 11, 2026 23:32:46 UTC

Missing Authorization vulnerability in M.Code Bulk Menu Edit bulk-menu-edit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Menu Edit: from n/a through <= 1.3.

CVE-2025-24566

May 11, 2026 23:32:34 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomáš Groulík Intro Tour Tutorial DeepPresentation dp-intro-tours allows Reflected XSS.This issue affects Intro Tour Tutorial DeepPresenta...

Page: 2