Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2025-48166
|
N/A |
Missing Authorization vulnerability in Bill Minozzi Stop and Block bots plugin Anti bots allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Stop and Block bots plugin Anti bots: from n/a through 1.48.
|
16 Jul 2025
|
|
|
CVE-2025-48167
|
N/A |
Missing Authorization vulnerability in alexvtn Chatbox Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chatbox Manager: from n/a through 1.2.5.
|
16 Jul 2025
|
|
|
CVE-2025-48294
|
N/A |
Server-Side Request Forgery (SSRF) vulnerability in Kerfred FG Drupal to WordPress allows Server Side Request Forgery. This issue affects FG Drupal to WordPress: from n/a through 3.90.0.
|
16 Jul 2025
|
|
|
CVE-2025-48295
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Easy Elementor Addons allows Stored XSS. This issue affects Easy Elementor Addons: from n/a through 2.2.5.
|
16 Jul 2025
|
|
|
CVE-2025-48299
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YayExtra allows SQL Injection. This issue affects YayExtra: from n/a through 1.5.5.
|
16 Jul 2025
|
|
|
CVE-2025-48301
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for SendGrid – YaySMTP allows SQL Injection. This issue affects SMTP for SendGrid – YaySMTP: from n/a through 1.5.
|
16 Jul 2025
|
|
|
CVE-2025-54051
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LightBox Block allows Stored XSS. This issue affects LightBox Block: from n/a through 1.1.30.
|
16 Jul 2025
|
|
|
CVE-2025-54050
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Addons for Elementor allows Stored XSS. This issue affects Responsive Addons for Elementor: from n/a through 1.7.3.
|
16 Jul 2025
|
|
|
CVE-2025-54047
|
N/A |
Missing Authorization vulnerability in QuanticaLabs Cost Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cost Calculator: from n/a through 7.4.
|
16 Jul 2025
|
|
|
CVE-2025-54043
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES allows SQL Injection. This issue affects SMTP for Amazon SES: from n/a through 1.9.
|
16 Jul 2025
|
|
|
CVE-2025-54042
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site Request Forgery. This issue affects WP Post Hide: from n/a through 1.0.9.
|
16 Jul 2025
|
|
|
CVE-2025-54041
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows Cross Site Request Forgery. This issue affects Wallet System for WooCommerce: from n/a through 2.6.7.
|
16 Jul 2025
|
|
|
CVE-2025-54039
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site Request Forgery. This issue affects Animator: from n/a through 3.0.16.
|
16 Jul 2025
|
|
|
CVE-2025-54038
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress allows Cross Site Request Forgery. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.6.
|
16 Jul 2025
|
|
|
CVE-2025-54037
|
N/A |
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects News Kit Elementor Addons: from n/a through 1.3.4.
|
16 Jul 2025
|
|
|
CVE-2025-54036
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows Cross Site Request Forgery. This issue affects Webba Booking: from n/a through 5.1.20.
|
16 Jul 2025
|
|
|
CVE-2025-54035
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross Site Request Forgery. This issue affects Newsletters: from n/a through 4.10.
|
16 Jul 2025
|
|
|
CVE-2025-54033
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in BlocksWP Theme Builder For Elementor allows Cross Site Request Forgery. This issue affects Theme Builder For Elementor: from n/a through 1.2.3.
|
16 Jul 2025
|
|
|
CVE-2025-54030
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce Google Sheet Connector allows Cross Site Request Forgery. This issue affects WooCommerce Google Sheet Connector: from n/a through 1.3.20.
|
16 Jul 2025
|
|
|
CVE-2025-54026
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuanticaLabs GymBase Theme Classes allows SQL Injection. This issue affects GymBase Theme Classes: from n/a through 1.4.
|
16 Jul 2025
|
|
|
CVE-2025-54024
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.5.
|
16 Jul 2025
|
|
|
CVE-2025-54023
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Delicious WP Delicious allows DOM-Based XSS. This issue affects WP Delicious: from n/a through 1.8.4.
|
16 Jul 2025
|
|
|
CVE-2025-54022
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Cross Site Request Forgery. This issue affects Coupon Affiliates: from n/a through 6.4.0.
|
16 Jul 2025
|
|
|
CVE-2025-54020
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 allows Cross Site Request Forgery. This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.3.
|
16 Jul 2025
|
|
|
CVE-2025-54018
|
N/A |
Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Pop-Up banners: from n/a through 1.8.4.
|
16 Jul 2025
|
CVE-2025-48166
N/A
16 Jul 2025
Missing Authorization vulnerability in Bill Minozzi Stop and Block bots plugin Anti bots allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Stop and Block bots plugin Anti bots: from n/a through 1.48.
CVE-2025-48167
N/A
16 Jul 2025
Missing Authorization vulnerability in alexvtn Chatbox Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chatbox Manager: from n/a through 1.2.5.
CVE-2025-48294
N/A
16 Jul 2025
Server-Side Request Forgery (SSRF) vulnerability in Kerfred FG Drupal to WordPress allows Server Side Request Forgery. This issue affects FG Drupal to WordPress: from n/a through 3.90.0.
CVE-2025-48295
N/A
16 Jul 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Easy Elementor Addons allows Stored XSS. This issue affects Easy Elementor Addons: from n/a through 2.2.5.
CVE-2025-48299
N/A
16 Jul 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YayExtra allows SQL Injection. This issue affects YayExtra: from n/a through 1.5.5.
CVE-2025-48301
N/A
16 Jul 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for SendGrid – YaySMTP allows SQL Injection. This issue affects SMTP for SendGrid – YaySMTP: from n/a through 1.5.
CVE-2025-54051
N/A
16 Jul 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LightBox Block allows Stored XSS. This issue affects LightBox Block: from n/a through 1.1.30.
CVE-2025-54050
N/A
16 Jul 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Addons for Elementor allows Stored XSS. This issue affects Responsive Addons for Elementor: from n/a through 1.7.3.
CVE-2025-54047
N/A
16 Jul 2025
Missing Authorization vulnerability in QuanticaLabs Cost Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cost Calculator: from n/a through 7.4.
CVE-2025-54043
N/A
16 Jul 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES allows SQL Injection. This issue affects SMTP for Amazon SES: from n/a through 1.9.
CVE-2025-54042
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site Request Forgery. This issue affects WP Post Hide: from n/a through 1.0.9.
CVE-2025-54041
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows Cross Site Request Forgery. This issue affects Wallet System for WooCommerce: from n/a through 2.6.7.
CVE-2025-54039
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site Request Forgery. This issue affects Animator: from n/a through 3.0.16.
CVE-2025-54038
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress allows Cross Site Request Forgery. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.6.
CVE-2025-54037
N/A
16 Jul 2025
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects News Kit Elementor Addons: from n/a through 1.3.4.
CVE-2025-54036
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows Cross Site Request Forgery. This issue affects Webba Booking: from n/a through 5.1.20.
CVE-2025-54035
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross Site Request Forgery. This issue affects Newsletters: from n/a through 4.10.
CVE-2025-54033
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in BlocksWP Theme Builder For Elementor allows Cross Site Request Forgery. This issue affects Theme Builder For Elementor: from n/a through 1.2.3.
CVE-2025-54030
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce Google Sheet Connector allows Cross Site Request Forgery. This issue affects WooCommerce Google Sheet Connector: from n/a through 1.3.20.
CVE-2025-54026
N/A
16 Jul 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuanticaLabs GymBase Theme Classes allows SQL Injection. This issue affects GymBase Theme Classes: from n/a through 1.4.
CVE-2025-54024
N/A
16 Jul 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.5.
CVE-2025-54023
N/A
16 Jul 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Delicious WP Delicious allows DOM-Based XSS. This issue affects WP Delicious: from n/a through 1.8.4.
CVE-2025-54022
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Cross Site Request Forgery. This issue affects Coupon Affiliates: from n/a through 6.4.0.
CVE-2025-54020
N/A
16 Jul 2025
Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 allows Cross Site Request Forgery. This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.3.
CVE-2025-54018
N/A
16 Jul 2025
Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Pop-Up banners: from n/a through 1.8.4.
Page 246 of 690
Page 246 of 690