CVE List - 2025 / April
Showing 2901 - 3000 of 4038 CVEs for April 2025 (Page 30 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-32582 | 2025-04-17 | WordPress WP AutoKeyword Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32578 | 2025-04-17 | WordPress Coming Soon Countdown Plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32573 | 2025-04-17 | WordPress KiotViet Sync Plugin <= 1.8.3 - SQL Injection vulnerability |
| CVE-2025-32572 | 2025-04-17 | WordPress Kata Plus Plugin <= 1.5.2 - PHP Object Injection vulnerability |
| CVE-2025-32571 | 2025-04-17 | WordPress TuriTop Booking System Plugin <= 1.0.10 - PHP Object Injection vulnerability |
| CVE-2025-32566 | 2025-04-17 | WordPress License For Envato Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32564 | 2025-04-17 | WordPress Stop Registration Spam Plugin <= 1.24 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32562 | 2025-04-17 | WordPress WP Easy Poll Plugin <= 2.2.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32561 | 2025-04-17 | WordPress WP_DEBUG Toggle plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32560 | 2025-04-17 | WordPress WP-Hijri Plugin <= 1.5.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32557 | 2025-04-17 | WordPress WP Featured Screenshot Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32554 | 2025-04-17 | WordPress Raptive Ads plugin <= 3.7.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32552 | 2025-04-17 | WordPress MSRP (RRP) Pricing for WooCommerce Plugin <= 1.8.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32548 | 2025-04-17 | WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32546 | 2025-04-17 | WordPress All push notification for WP Plugin <= 1.5.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32545 | 2025-04-17 | WordPress WooCommerce Products without featured images Plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32544 | 2025-04-17 | WordPress WooCommerce Loyal Customers plugin <= 2.6 - Broken Access Control vulnerability |
| CVE-2025-32540 | 2025-04-17 | WordPress Feedify – Web Push Notifications plugin <= 2.4.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32535 | 2025-04-17 | WordPress DN Shipping by Weight for WooCommerce Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32533 | 2025-04-17 | WordPress Deliver via Shipos for WooCommerce Plugin <= 2.1.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32532 | 2025-04-17 | WordPress UXsniff Plugin <= 1.2.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32531 | 2025-04-17 | WordPress Arconix FAQ plugin <= 1.9.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32530 | 2025-04-17 | WordPress Wallet System for WooCommerce plugin <= 2.6.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32529 | 2025-04-17 | WordPress iONE360 configurator plugin <= 2.0.56 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32528 | 2025-04-17 | WordPress iCal Feeds Plugin <= 1.5.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32527 | 2025-04-17 | WordPress T&P Gallery Slider plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32526 | 2025-04-17 | WordPress Zephyr Project Manager plugin <= 3.3.101 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32522 | 2025-04-17 | WordPress License Manager for WooCommerce plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32521 | 2025-04-17 | WordPress Cool Flipbox plugin <= 1.8.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32520 | 2025-04-17 | WordPress WordPress Health and Server Condition plugin <= 4.1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32516 | 2025-04-17 | WordPress Related Videos for JW Player plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32515 | 2025-04-17 | WordPress Terminal Africa plugin <= 1.13.17 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32514 | 2025-04-17 | WordPress WooCommerce Estimate and Quote plugin <= 1.0.2.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32513 | 2025-04-17 | WordPress Total processing card payments for WooCommerce plugin <= 7.1.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32512 | 2025-04-17 | WordPress Revamp CRM for WooCommerce plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32511 | 2025-04-17 | WordPress Make Email Customizer for WooCommerce plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32508 | 2025-04-17 | WordPress Course Booking System plugin <= 6.0.7 - Reflected Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-32507 | 2025-04-17 | WordPress Event Espresso plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32506 | 2025-04-17 | WordPress AT Internet SmartTag plugin <= 0.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32504 | 2025-04-17 | WordPress Silvasoft boekhouden plugin <= 3.0.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32490 | 2025-04-17 | WordPress wp secure <= 1.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-31380 | 2025-04-17 | WordPress Paid Videochat Turnkey Site plugin <= 7.3.11 - Broken Authentication Vulnerability |
| CVE-2025-31030 | 2025-04-17 | WordPress Ray Enterprise Translation <= 1.7.0 - Local File Inclusion Vulnerability |
| CVE-2025-31018 | 2025-04-17 | WordPress FireDrum Email Marketing plugin <= 1.64 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31006 | 2025-04-17 | WordPress Activity Reactions For Buddypress plugin <= 1.0.22 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27354 | 2025-04-17 | WordPress Simple Email Subscriber plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27346 | 2025-04-17 | WordPress Rebuild Permalinks Plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27345 | 2025-04-17 | WordPress Booking Ultra Pro Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27343 | 2025-04-17 | WordPress WooCommerce HTML5 Video Plugin <= 1.7.10 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27338 | 2025-04-17 | WordPress List Urls Plugin <= 0.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27337 | 2025-04-17 | WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27333 | 2025-04-17 | WordPress Protected wp-login Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27324 | 2025-04-17 | WordPress 17TRACK for WooCommerce Plugin <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27322 | 2025-04-17 | WordPress QR Code for WooCommerce Plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27319 | 2025-04-17 | WordPress User List plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27314 | 2025-04-17 | WordPress Kush Micro News Plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27313 | 2025-04-17 | WordPress Google Maps GPX Viewer Plugin <= 3.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27310 | 2025-04-17 | WordPress Page and Post Lister plugin <= 1.2.1 - Arbitrary Content Deletion vulnerability |
| CVE-2025-27309 | 2025-04-17 | WordPress flickr-slideshow-wrapper Plugin <= 5.4.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27308 | 2025-04-17 | WordPress WP Video Posts plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27302 | 2025-04-17 | WordPress CHATLIVE plugin <= 2.0.1 - SQL Injection vulnerability |
| CVE-2025-27299 | 2025-04-17 | WordPress MyTicket Events plugin <= 1.2.4 - Non-Arbitrary File Read vulnerability |
| CVE-2025-27295 | 2025-04-17 | WordPress Live css plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27293 | 2025-04-17 | WordPress Shipmozo Courier Tracking plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27292 | 2025-04-17 | WordPress WPYog Documents Plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27291 | 2025-04-17 | WordPress Photo Gallery – Image Gallery Plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27289 | 2025-04-17 | WordPress Restrict Taxonomies Plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27288 | 2025-04-17 | WordPress File Icons Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27287 | 2025-04-17 | WordPress SS Quiz Plugin <= 2.0.5 - PHP Object Injection vulnerability |
| CVE-2025-27286 | 2025-04-17 | WordPress Saoshyant Slider Plugin <= 3.0 - PHP Object Injection vulnerability |
| CVE-2025-27285 | 2025-04-17 | WordPress Easy Form by AYS Plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27284 | 2025-04-17 | WordPress Flagged Content Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-27283 | 2025-04-17 | WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Download vulnerability |
| CVE-2025-27282 | 2025-04-17 | WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Upload vulnerability |
| CVE-2025-24752 | 2025-04-17 | WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24745 | 2025-04-17 | WordPress Classified Listing plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24737 | 2025-04-17 | WordPress WP Helper Premium plugin <= 4.6.1 - Broken Access Control vulnerability |
| CVE-2025-24670 | 2025-04-17 | WordPress Term Taxonomy Converter Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24655 | 2025-04-17 | WordPress Wishlist Plugin <= 1.0.39 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24651 | 2025-04-17 | WordPress WebToffee WP Backup and Migration plugin <= 1.5.3 - Sensitive Data Exposure vulnerability |
| CVE-2025-24645 | 2025-04-17 | WordPress Eazy Under Construction Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24640 | 2025-04-17 | WordPress Empty Tags Remover Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24637 | 2025-04-17 | WordPress Beacon Lead Magnets and Lead Capture Plugin <= 1.5.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24624 | 2025-04-17 | WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24621 | 2025-04-17 | WordPress Arconix Shortcodes plugin <= 2.1.15 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24619 | 2025-04-17 | WordPress WP Log Action Plugin <= 0.51 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24586 | 2025-04-17 | WordPress Shipment Tracker for Woocommerce plugin <= 1.4.23 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24583 | 2025-04-17 | WordPress 12 Step Meeting List plugin <= 3.16.5 - Settings Change vulnerability |
| CVE-2025-24581 | 2025-04-17 | WordPress Instantio plugin <= 3.3.7 - Settings Change vulnerability |
| CVE-2025-24577 | 2025-04-17 | WordPress Poll Maker plugin <= 5.5.0 - Broken Access Control vulnerability |
| CVE-2025-24553 | 2025-04-17 | WordPress Shipping with Venipak for WooCommerce plugin <= 1.22.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24550 | 2025-04-17 | WordPress Job Manager plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24548 | 2025-04-17 | WordPress Autoglot – Automatic WordPress Translation plugin <=2.4.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-24539 | 2025-04-17 | WordPress DeBounce Email Validator plugin <= 5.6.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23958 | 2025-04-17 | WordPress Editor Wysiwyg Background Color plugin <= 1.0 - Broken Access Control vulnerability |
| CVE-2025-23906 | 2025-04-17 | WordPress WordPress Dashboard Tweeter plugin <= 1.3.2 - Settings Change vulnerability |
| CVE-2025-23858 | 2025-04-17 | WordPress Custom Users Order Plugin <= 4.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23855 | 2025-04-17 | WordPress SpiderDisplay plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23782 | 2025-04-17 | WordPress TotalContest Lite Plugin <= 2.8.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23773 | 2025-04-17 | WordPress Delete All Posts plugin <= 1.1.1 - Broken Access Control vulnerability |