CVE List - 2025 / June
Showing 601 - 700 of 840 CVEs for June 2025 (Page 7 of 9)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-49242 | 2025-06-06 | WordPress Bellows Accordion Menu <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49243 | 2025-06-06 | WordPress ShiftNav – Responsive Mobile Menu <= 1.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49244 | 2025-06-06 | WordPress Shortcodes Ultimate <= 7.3.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49246 | 2025-06-06 | WordPress Testimonials Showcase <= 1.9.16 - Broken Access Control Vulnerability |
| CVE-2025-49248 | 2025-06-06 | WordPress Team Showcase < 25.05.13 - Broken Access Control Vulnerability |
| CVE-2025-49250 | 2025-06-06 | WordPress Team Showcase plugin < 25.05.13 - Arbitrary Shortcode Execution vulnerability |
| CVE-2025-49262 | 2025-06-06 | WordPress Sina Extension for Elementor <= 3.6.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49263 | 2025-06-06 | WordPress WC Vendors Marketplace <= 2.5.6 - SQL Injection Vulnerability |
| CVE-2025-49268 | 2025-06-06 | WordPress Verge3D <= 4.9.4 - Broken Access Control Vulnerability |
| CVE-2025-49269 | 2025-06-06 | WordPress Market Exporter <= 2.0.22 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49270 | 2025-06-06 | WordPress WP-CRM System <= 3.4.2 - Broken Access Control Vulnerability |
| CVE-2025-49272 | 2025-06-06 | WordPress Trinity Audio <= 5.20.0 - Broken Access Control Vulnerability |
| CVE-2025-49273 | 2025-06-06 | WordPress WP Tools <= 5.24 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49283 | 2025-06-06 | WordPress Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49284 | 2025-06-06 | WordPress WP Maintenance Mode & Site Under Construction <= 4.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49285 | 2025-06-06 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49286 | 2025-06-06 | WordPress WP Table Builder <= 2.0.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49287 | 2025-06-06 | WordPress Product Feed for WooCommerce <= 2.2.8 - Broken Access Control Vulnerability |
| CVE-2025-49288 | 2025-06-06 | WordPress Ultimate WP Mail <= 1.3.5 - Broken Access Control Vulnerability |
| CVE-2025-49289 | 2025-06-06 | WordPress PDF for WPForms <= 5.5.0 - Broken Access Control Vulnerability |
| CVE-2025-49291 | 2025-06-06 | WordPress Calculated Fields Form <= 5.3.58 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49292 | 2025-06-06 | WordPress Profile Builder <= 3.13.8 - Content Spoofing Vulnerability |
| CVE-2025-49293 | 2025-06-06 | WordPress Crawlomatic Multisite Scraper Post Generator <= 2.6.8.2 - Broken Access Control Vulnerability |
| CVE-2025-49294 | 2025-06-06 | WordPress Crawlomatic Multisite Scraper Post Generator plugin <= 2.6.8.2 - Sensitive Data Exposure via Log Exposure vulnerability |
| CVE-2025-49298 | 2025-06-06 | WordPress Event post <= 5.10.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49299 | 2025-06-06 | WordPress WebHotelier <= 1.9.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49301 | 2025-06-06 | WordPress Greenshift <= 11.5.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49304 | 2025-06-06 | WordPress Search with Typesense <= 2.0.10 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49305 | 2025-06-06 | WordPress Product Catalog Simple <= 1.8.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49306 | 2025-06-06 | WordPress WP Social Widget <= 2.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49307 | 2025-06-06 | WordPress WP Multilang <= 2.4.19 - Local File Inclusion Vulnerability |
| CVE-2025-49308 | 2025-06-06 | WordPress WP Travel Engine <= 6.5.1 - Local File Inclusion Vulnerability |
| CVE-2025-49309 | 2025-06-06 | WordPress HT Team Member <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49310 | 2025-06-06 | WordPress Frontend Dashboard <= 2.2.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49311 | 2025-06-06 | WordPress The Events Calendar Countdown Addon <= 1.4.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49313 | 2025-06-06 | WordPress BRW <= 1.8.6 - Local File Inclusion Vulnerability |
| CVE-2025-49314 | 2025-06-06 | WordPress BRW <= 1.8.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49315 | 2025-06-06 | WordPress Persian Woocommerce SMS <= 7.0.10 - SQL Injection Vulnerability |
| CVE-2025-49317 | 2025-06-06 | WordPress WP Page Loading <= 1.0.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49318 | 2025-06-06 | WordPress WPtouch <= 4.3.60 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49320 | 2025-06-06 | WordPress FraudLabs Pro for WooCommerce <= 2.22.11 - Broken Access Control Vulnerability |
| CVE-2025-49322 | 2025-06-06 | WordPress 404 Page by SeedProd < 1.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-49323 | 2025-06-06 | WordPress Hydra Booking <= 1.1.10 - SQL Injection Vulnerability |
| CVE-2025-49324 | 2025-06-06 | WordPress Job Board Manager <= 2.1.60 - Broken Access Control Vulnerability |
| CVE-2025-49325 | 2025-06-06 | WordPress Newspack Newsletters <= 3.13.0 - Open Redirection Vulnerability |
| CVE-2025-49326 | 2025-06-06 | WordPress GamiPress <= 7.4.5 - SQL Injection Vulnerability |
| CVE-2025-49327 | 2025-06-06 | WordPress ShortLinks Pro <= 1.0.7 - SQL Injection Vulnerability |
| CVE-2025-49328 | 2025-06-06 | WordPress Store Locator WordPress <= 1.5.1 - SQL Injection Vulnerability |
| CVE-2025-49329 | 2025-06-06 | WordPress Store Locator WordPress <= 1.5.2 - Arbitrary File Upload Vulnerability |
| CVE-2025-49332 | 2025-06-06 | WordPress WP Time Slots Booking Form <= 1.2.30 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-49333 | 2025-06-06 | WordPress Simple Membership <= 4.6.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-31025 | 2025-06-06 | WordPress Image Hover Effects Block <= 1.4.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-31000 | 2025-06-06 | WordPress Payment QR WooCommerce <= 1.1.6 - Broken Access Control Vulnerability |
| CVE-2025-30999 | 2025-06-06 | WordPress WP Shopify <= 1.5.3 - Local File Inclusion Vulnerability |
| CVE-2025-30997 | 2025-06-06 | WordPress Car Repair Services <= 5.0 - Server Side Request Forgery (SSRF) Vulnerability |
| CVE-2025-30995 | 2025-06-06 | WordPress Widgetize Pages Light plugin <= 3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability |
| CVE-2025-30994 | 2025-06-06 | WordPress CubeWP – All-in-One Dynamic Content Framework plugin <= 1.1.23 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability |
| CVE-2025-30991 | 2025-06-06 | WordPress Premium Packages <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30990 | 2025-06-06 | WordPress ThemeHunk <= 1.1.1 - Broken Access Control Vulnerability |
| CVE-2025-30989 | 2025-06-06 | WordPress Libro de Reclamaciones y Quejas <= 0.9 - SQL Injection Vulnerability |
| CVE-2025-30986 | 2025-06-06 | WordPress Elite Video Player <= 10.0.5 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30981 | 2025-06-06 | WordPress WP-Recall plugin <= 16.26.14 - CSRF to Privilege Escalation vulnerability |
| CVE-2025-30980 | 2025-06-06 | WordPress Simple Keyword to Link <= 1.5 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30978 | 2025-06-06 | WordPress Slack Notifications by dorzki <= 2.0.7 - Broken Access Control Vulnerability |
| CVE-2025-30977 | 2025-06-06 | WordPress WP Live Chat + Chatbots Plugin for WordPress – Chaport <= 1.1.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30976 | 2025-06-06 | WordPress Nexa Blocks <= 1.1.0 - Server Side Request Forgery (SSRF) Vulnerability |
| CVE-2025-30974 | 2025-06-06 | WordPress Post Grid Master <= 3.4.13 - Broken Access Control Vulnerability |
| CVE-2025-30968 | 2025-06-06 | WordPress Advanced Post List <= 0.5.6.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30958 | 2025-06-06 | WordPress onOffice for WP-Websites <= 5.7 - Broken Access Control Vulnerability |
| CVE-2025-30957 | 2025-06-06 | WordPress Activity Plus Reloaded for BuddyPress <= 1.1.2 - Broken Access Control Vulnerability |
| CVE-2025-30956 | 2025-06-06 | WordPress Booqable Rental <= 2.4.20 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30954 | 2025-06-06 | WordPress WP Gravity Forms Constant Contact Plugin <= 1.1.0 - Open Redirection Vulnerability |
| CVE-2025-30953 | 2025-06-06 | WordPress WP Gravity Forms Salesforce <= 1.4.7 - Open Redirection Vulnerability |
| CVE-2025-30952 | 2025-06-06 | WordPress Nexa Blocks <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30951 | 2025-06-06 | WordPress BlockStrap Page Builder - Bootstrap Blocks <= 0.1.36 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30950 | 2025-06-06 | WordPress All Currencies for WooCommerce <= 2.4.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30948 | 2025-06-06 | WordPress Layouts for Elementor <= 1.11 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30946 | 2025-06-06 | WordPress Custom Bulk/Quick Edit <= 1.6.10 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30945 | 2025-06-06 | WordPress Taskbuilder <= 4.0.3 - Broken Access Control Vulnerability |
| CVE-2025-30942 | 2025-06-06 | WordPress Post Custom Templates Lite <= 1.14 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30941 | 2025-06-06 | WordPress Pinterest Verify Meta Tag <= 1.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30940 | 2025-06-06 | WordPress Melipayamak <= 2.2.12 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30939 | 2025-06-06 | WordPress IFrame Widget <= 4.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30938 | 2025-06-06 | WordPress Broadly for WordPress <= 3.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30937 | 2025-06-06 | WordPress Responsify WP <= 1.9.11 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30935 | 2025-06-06 | WordPress Contact Form <= 2.0.12 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30934 | 2025-06-06 | WordPress 診断ジェネレータ作成プラグイン <= 1.4.16 - Broken Access Control Vulnerability |
| CVE-2025-30932 | 2025-06-06 | WordPress WP Compress for MainWP <= 6.30.32 - Broken Access Control Vulnerability |
| CVE-2025-30931 | 2025-06-06 | WordPress «Подсказки» от DaData.ru <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30930 | 2025-06-06 | WordPress ACF: Yandex Maps Field <= 1.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30928 | 2025-06-06 | WordPress WP Biographia <= 4.0.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30927 | 2025-06-06 | WordPress Wordapp <= 1.7.0 - Broken Access Control Vulnerability |
| CVE-2025-30638 | 2025-06-06 | WordPress Powie's Uptime Robot <= 0.9.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30637 | 2025-06-06 | WordPress Booking Ultra Pro <= 1.1.20 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30636 | 2025-06-06 | WordPress Accessibility Suite <= 4.19 - Broken Access Control Vulnerability |
| CVE-2025-30634 | 2025-06-06 | WordPress WP Featured Content Slider <= 2.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30632 | 2025-06-06 | WordPress Global Translator <= 2.0.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30630 | 2025-06-06 | WordPress Global Translator <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30629 | 2025-06-06 | WordPress Bitly URL Shortener <= 1.3.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-30627 | 2025-06-06 | WordPress Elegant Visitor Counter <= 3.1 - Cross Site Scripting (XSS) Vulnerability |