CVE ID : CVE-2025-48259
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico España allows Cross Site Request Forgery. This issue affects WP Mapa Politico España: from n/a through 3.8.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48260
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48262
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Missing Authorization vulnerability in Michael Revellin-Clerc Url Rewrite Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Url Rewrite Analyzer: from n/a through 1.3.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48263
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in MultiVendorX MultiVendorX allows Stored XSS. This issue affects MultiVendorX: from n/a through 4.2.22.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48264
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in artiosmedia Product Code for WooCommerce allows Cross Site Request Forgery. This issue affects Product Code for WooCommerce: from n/a through 1.5.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48265
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Pektsekye Year Make Model Search for WooCommerce allows Cross Site Request Forgery. This issue affects Year Make Model Search for WooCommerce: from n/a through 1.0.11.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48266
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in RealMag777 Active Products Tables for WooCommerce allows Stored XSS. This issue affects Active Products Tables for WooCommerce: from n/a through 1.0.6.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48268
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Missing Authorization vulnerability in Guru Team Bot for Telegram on WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bot for Telegram on WooCommerce: from n/a through 1.2.6.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48269
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48270
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in sonalsinha21 SKT Blocks allows DOM-Based XSS. This issue affects SKT Blocks: from n/a through 2.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48272
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Missing Authorization vulnerability in wpjobportal WP Job Portal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Job Portal: from n/a through 2.3.2.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48276
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through 45.11.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48277
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.74.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48278
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in davidfcarr RSVPMarker allows SQL Injection. This issue affects RSVPMarker : from n/a through 11.5.6.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48280
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Ruben Garcia AutomatorWP allows Blind SQL Injection. This issue affects AutomatorWP: from n/a through 5.2.1.3.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48282
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Missing Authorization vulnerability in Majestic Support Majestic Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Majestic Support: from n/a through 1.1.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48284
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in shohei.tanaka Japanized For WooCommerce allows Cross Site Request Forgery. This issue affects Japanized For WooCommerce: from n/a through 2.6.40.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48285
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in sbouey Falang multilanguage allows Cross Site Request Forgery. This issue affects Falang multilanguage: from n/a through 1.3.61.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48288
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Element Invader ElementInvader Addons for Elementor allows Stored XSS. This issue affects ElementInvader Addons for Elementor: from n/a through 1.3.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-48341
Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 10Web Form Maker by 10Web allows Stored XSS. This issue affects Form Maker by 10Web: from n/a through 1.15.33.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…