HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-57944

Apr 1, 2026 15:57:49 UTC

Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through <= 1.3.

CVE-2025-57943

Apr 1, 2026 15:57:49 UTC

Server-Side Request Forgery (SSRF) vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Server Side Request Forgery.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through <= 1.3.1.

CVE-2025-57942

Apr 1, 2026 15:57:49 UTC

Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Emergency Password Reset emergency-password-reset allows Cross Site Request Forgery.This issue affects Emergency Password Reset: from n/a through <= 9.3.

CVE-2025-57941

Apr 1, 2026 15:57:49 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JonathanMH Append Link on Copy append-link-on-copy allows Stored XSS.This issue affects Append Link on Copy: from n/a through <= 0.2.

CVE-2025-57940

Apr 1, 2026 15:57:49 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Kumar Mukhiya Append extensions on Pages append-extensions-on-pages allows Stored XSS.This issue affects Append extensions on Pages...

CVE-2025-57939

Apr 1, 2026 15:57:48 UTC

Missing Authorization vulnerability in Blocksera Image Hover Effects – Elementor Addon image-hover-effects-addon-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Hover Effects – ...

CVE-2025-57938

Apr 1, 2026 15:57:48 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themewant Easy Hotel Booking easy-hotel allows DOM-Based XSS.This issue affects Easy Hotel Booking: from n/a through <= 1.9.0.

CVE-2025-57937

Apr 1, 2026 15:57:48 UTC

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Retrieve Embedded Sensitive Data.This issue affects WPeMatico RSS Feed Fetcher: from n/a through ...

CVE-2025-57936

Apr 1, 2026 15:57:48 UTC

Missing Authorization vulnerability in Meitar Subresource Integrity (SRI) Manager wp-sri allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subresource Integrity (SRI) Manager: from n/a through <= 0.4...

CVE-2025-57935

Apr 1, 2026 15:57:48 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ricky Dawn Bot Block &#8211; Stop Spam Referrals in Google Analytics bot-block-stop-spam-google-analytics-referrals allows Stored XSS.This...

CVE-2025-57934

Apr 1, 2026 15:57:47 UTC

Cross-Site Request Forgery (CSRF) vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through <= 2.3.6.

CVE-2025-57933

Apr 1, 2026 15:57:47 UTC

Cross-Site Request Forgery (CSRF) vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Cross Site Request Forgery.This issue affects Piotnet Forms: from n/a through <= 1.0.30.

CVE-2025-57932

Apr 1, 2026 15:57:47 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Diego Pereira PowerFolio portfolio-elementor allows Stored XSS.This issue affects PowerFolio: from n/a through <= 3.2.1.

CVE-2025-57931

Apr 1, 2026 15:57:46 UTC

Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through <= 5.5.4.

CVE-2025-57930

Apr 1, 2026 15:57:46 UTC

Cross-Site Request Forgery (CSRF) vulnerability in kanwei_doublethedonation Double the Donation double-the-donation allows Cross Site Request Forgery.This issue affects Double the Donation: from n/a through <= 2.0.0.

Page: 53