Common Vulnerabilities and Exposures (CVE)
CVE-2025-58676
Cross-Site Request Forgery (CSRF) vulnerability in extendyourweb HORIZONTAL SLIDER horizontal-slider allows Stored XSS.This issue affects HORIZONTAL SLIDER: from n/a through <= 2.4.
CVE-2025-58675
Cross-Site Request Forgery (CSRF) vulnerability in tryinteract Interact: Embed A Quiz On Your Site interact-quiz-embed allows Cross Site Request Forgery.This issue affects Interact: Embed A Quiz On Your Site: from n/a through <= 3.1.
CVE-2025-58673
Improper Control of Generation of Code ('Code Injection') vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through <= 4.1.12.
CVE-2025-58672
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.1.12.
CVE-2025-58671
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in morganrichards Auction Feed auction-feed allows Stored XSS.This issue affects Auction Feed: from n/a through <= 1.1.4.
CVE-2025-58670
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection wp-content-protection allows Stored XSS.This issue affects WP Content Protection: from n/a through <= 1.3.
CVE-2025-58669
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modern Minds Magento 2 WordPress Integration m2wp allows Stored XSS.This issue affects Magento 2 WordPress Integration: from n/a through <...
CVE-2025-58668
Missing Authorization vulnerability in VibeThemes WPLMS wplms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLMS : from n/a through <= 4.970.
CVE-2025-58667
Missing Authorization vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro Reviews: from n/a through < 2.9.11.
CVE-2025-58666
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo ...
CVE-2025-58665
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tmontg1 Form Generator for WordPress form-generator-powered-by-jotform allows Stored XSS.This issue affects Form Generator for WordPress: ...
CVE-2025-58664
Missing Authorization vulnerability in Azizul Hasan Text To Speech TTS Accessibility text-to-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Text To Speech TTS Accessibility: from n/a through...
CVE-2025-58663
Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through <= 1.8.14.
CVE-2025-58662
Deserialization of Untrusted Data vulnerability in awesomesupport Awesome Support awesome-support allows Object Injection.This issue affects Awesome Support: from n/a through <= 6.3.5.
CVE-2025-58661
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eZee Technosys eZee Online Hotel Booking Engine online-booking-engine allows Stored XSS.This issue affects eZee Online Hotel Booking Engin...