CyberAlerts

CVE-2025-30950

WordPress All Currencies for WooCommerce <= 2.4.4 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham All Currencies for WooCommerce allows Stored XSS. This issue affects All Currencies for WooCommerce: from n/a through 2.4.4.

CVSS: MEDIUM (6.5)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30948

WordPress Layouts for Elementor <= 1.11 - Cross Site Request Forgery (CSRF) Vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in Giraphix Creative Layouts for Elementor allows Cross Site Request Forgery. This issue affects Layouts for Elementor: from n/a through 1.11.

CVSS: MEDIUM (4.3)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30946

WordPress Custom Bulk/Quick Edit <= 1.6.10 - Cross Site Request Forgery (CSRF) Vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in Michael Cannon Custom Bulk/Quick Edit allows Cross Site Request Forgery. This issue affects Custom Bulk/Quick Edit: from n/a through 1.6.10.

CVSS: MEDIUM (4.3)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30945

WordPress Taskbuilder <= 4.0.3 - Broken Access Control Vulnerability

Description: Missing Authorization vulnerability in taskbuilder Taskbuilder allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Taskbuilder: from n/a through 4.0.3.

CVSS: MEDIUM (5.3)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30942

WordPress Post Custom Templates Lite <= 1.14 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Post Custom Templates Lite allows Stored XSS. This issue affects Post Custom Templates Lite: from n/a through 1.14.

CVSS: MEDIUM (5.9)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30941

WordPress Pinterest Verify Meta Tag <= 1.3 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marvie Pons Pinterest Verify Meta Tag allows Stored XSS. This issue affects Pinterest Verify Meta Tag: from n/a through 1.3.

CVSS: MEDIUM (5.9)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30940

WordPress Melipayamak <= 2.2.12 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in melipayamak Melipayamak allows Stored XSS. This issue affects Melipayamak: from n/a through 2.2.12.

CVSS: MEDIUM (5.9)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30939

WordPress IFrame Widget <= 4.1 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debashish IFrame Widget allows Stored XSS. This issue affects IFrame Widget: from n/a through 4.1.

CVSS: MEDIUM (5.9)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30938

WordPress Broadly for WordPress <= 3.0.2 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in broadly Broadly for WordPress allows Stored XSS. This issue affects Broadly for WordPress: from n/a through 3.0.2.

CVSS: MEDIUM (5.9)

Source: CVE

June 6th, 2025 (1 day ago)

CVE-2025-30937

WordPress Responsify WP <= 1.9.11 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stefanledin Responsify WP allows Stored XSS. This issue affects Responsify WP: from n/a through 1.9.11.

CVSS: MEDIUM (5.9)

Source: CVE

June 6th, 2025 (1 day ago)

Threat and Vulnerability Intelligence Database

Example Searches: