CVE List - 2025 / September
Showing 3301 - 3400 of 4322 CVEs for September 2025 (Page 34 of 44)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-57963 | 2025-09-22 | WordPress Zoho Billing Plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57962 | 2025-09-22 | WordPress VikRestaurants Table Reservations and Take-Away Plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57961 | 2025-09-22 | WordPress CoDesigner Plugin <= 4.25.2 - Broken Access Control Vulnerability |
| CVE-2025-57960 | 2025-09-22 | WordPress Travel Map Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57959 | 2025-09-22 | WordPress Slightly troublesome permalink Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57958 | 2025-09-22 | WordPress WowAddons Plugin <= 1.0.17 - Broken Access Control Vulnerability |
| CVE-2025-57957 | 2025-09-22 | WordPress WooMS Plugin <= 9.12 - Broken Access Control Vulnerability |
| CVE-2025-57956 | 2025-09-22 | WordPress WooMS Plugin <= 9.12 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57955 | 2025-09-22 | WordPress Post Carousel Slider for Elementor Plugin <= 1.7.0 - Broken Access Control Vulnerability |
| CVE-2025-57954 | 2025-09-22 | WordPress Poll Maker Plugin <= 6.0.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57953 | 2025-09-22 | WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57952 | 2025-09-22 | WordPress Maps for WP Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57951 | 2025-09-22 | WordPress SiteNarrator Text-to-Speech Widget Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57950 | 2025-09-22 | WordPress Plugin Security Scanner Plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57949 | 2025-09-22 | WordPress Ongkoskirim.id Plugin <= 1.0.6 - Broken Access Control Vulnerability |
| CVE-2025-57948 | 2025-09-22 | WordPress Directory Pro Plugin <= 2.5.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57947 | 2025-09-22 | WordPress Photo Gallery by Ays Plugin <= 6.3.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57946 | 2025-09-22 | WordPress payOS Plugin <= 1.0.61 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57945 | 2025-09-22 | WordPress WP Advanced PDF Plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57944 | 2025-09-22 | WordPress Skimlinks Affiliate Marketing Tool Plugin <= 1.3 - Broken Access Control Vulnerability |
| CVE-2025-57943 | 2025-09-22 | WordPress Skimlinks Affiliate Marketing Tool Plugin <= 1.3 - Server Side Request Forgery (SSRF) Vulnerability |
| CVE-2025-57942 | 2025-09-22 | WordPress Emergency Password Reset Plugin <= 9.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57941 | 2025-09-22 | WordPress Append Link on Copy Plugin <= 0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57940 | 2025-09-22 | WordPress Append extensions on Pages Plugin <= 1.1.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57939 | 2025-09-22 | WordPress Image Hover Effects – Elementor Addon Plugin <= 1.4.4 - Broken Access Control Vulnerability |
| CVE-2025-57938 | 2025-09-22 | WordPress Easy Hotel Booking Plugin <= 1.6.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57937 | 2025-09-22 | WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability |
| CVE-2025-57936 | 2025-09-22 | WordPress Subresource Integrity (SRI) Manager Plugin <= 0.4.0 - Broken Access Control Vulnerability |
| CVE-2025-57935 | 2025-09-22 | WordPress Bot Block – Stop Spam Referrals in Google Analytics Plugin <= 2.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57934 | 2025-09-22 | WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57933 | 2025-09-22 | WordPress Piotnet Forms Plugin <= 1.0.30 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57932 | 2025-09-22 | WordPress PowerFolio Plugin <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57930 | 2025-09-22 | WordPress Double the Donation Plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57929 | 2025-09-22 | WordPress Double the Donation Plugin <= 2.0.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57928 | 2025-09-22 | WordPress AWP Classifieds Plugin <= 4.3.5 - Content Injection Vulnerability |
| CVE-2025-57927 | 2025-09-22 | WordPress Dashboard Notepad Plugin <= 1.42 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57926 | 2025-09-22 | WordPress Passster Plugin <= 4.2.18 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57925 | 2025-09-22 | WordPress immonex Kickstart Team Plugin <= 1.6.9 - Local File Inclusion Vulnerability |
| CVE-2025-57924 | 2025-09-22 | WordPress Developer Plugin <= 1.2.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57923 | 2025-09-22 | WordPress UK Address Postcode Validation Plugin <= 3.9.2 - Sensitive Data Exposure Vulnerability |
| CVE-2025-57922 | 2025-09-22 | WordPress Envíos Coordinadora Woocommerce Plugin <= 1.1.31 - Sensitive Data Exposure Vulnerability |
| CVE-2025-57921 | 2025-09-22 | WordPress Frontend File Manager Plugin <= 23.2 - Broken Access Control Vulnerability |
| CVE-2025-57920 | 2025-09-22 | WordPress Category Featured Images Extended Plugin <= 1.52 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57919 | 2025-09-22 | WordPress Language Translate Widget for WordPress – ConveyThis Plugin <= 264 - PHP Object Injection Vulnerability |
| CVE-2025-57918 | 2025-09-22 | WordPress LinkedInclude Plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57917 | 2025-09-22 | WordPress Printcart Web to Print Product Designer for WooCommerce Plugin <= 2.4.3 - Broken Access Control Vulnerability |
| CVE-2025-57916 | 2025-09-22 | WordPress WP System Information Plugin <= 1.5 - Sensitive Data Exposure Vulnerability |
| CVE-2025-57915 | 2025-09-22 | WordPress TOCHAT.BE Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57914 | 2025-09-22 | WordPress Deliver via Shipos for WooCommerce Plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57913 | 2025-09-22 | WordPress Behance Portfolio Manager Plugin <= 1.7.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57912 | 2025-09-22 | WordPress Dialogity Free Live Chat Plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57911 | 2025-09-22 | WordPress Adverts Plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57910 | 2025-09-22 | WordPress AnyClip Luminous Studio Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57909 | 2025-09-22 | WordPress Editor Custom Color Palette Plugin <= 3.4.8 - Broken Access Control Vulnerability |
| CVE-2025-57908 | 2025-09-22 | WordPress Product Time Countdown for WooCommerce Plugin <= 1.6.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57907 | 2025-09-22 | WordPress Heureka Plugin <= 1.1.0 - Broken Access Control Vulnerability |
| CVE-2025-57906 | 2025-09-22 | WordPress Epeken All Kurir Plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57905 | 2025-09-22 | WordPress AgreeMe Checkboxes For WooCommerce Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57904 | 2025-09-22 | WordPress Sales Count Manager for WooCommerce Plugin <= 2.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57903 | 2025-09-22 | WordPress WooCommerce Additional Fees On Checkout (Free) Plugin <= 1.5.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57902 | 2025-09-22 | WordPress RIS Version Switcher – Downgrade or Upgrade WP Versions Easily Plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-57901 | 2025-09-22 | WordPress Import Markdown Plugin <= 1.14 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57900 | 2025-09-22 | WordPress GutenKit Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-57899 | 2025-09-22 | WordPress WP Compress Plugin <= 6.50.54 - Broken Access Control Vulnerability |
| CVE-2025-57898 | 2025-09-22 | WordPress WP Frontend Admin Plugin <= 1.22.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53570 | 2025-09-22 | WordPress DELUCKS SEO Plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53469 | 2025-09-22 | WordPress BMI Adult & Kid Calculator Plugin <= 1.2.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53468 | 2025-09-22 | WordPress Wp tabber widget Plugin <= 4.0 - SQL Injection Vulnerability |
| CVE-2025-53467 | 2025-09-22 | WordPress Login-Logout Plugin <= 3.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53466 | 2025-09-22 | WordPress Better Find and Replace Plugin <= 1.7.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53465 | 2025-09-22 | WordPress GSheets Connector Plugin <= 1.1.1 - PHP Object Injection Vulnerability |
| CVE-2025-53464 | 2025-09-22 | WordPress WP Mailto Links Plugin <= 3.1.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53463 | 2025-09-22 | WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53462 | 2025-09-22 | WordPress SAPO Feed Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53461 | 2025-09-22 | WordPress Beaf Plugin <= 1.6.2 - Server Side Request Forgery (SSRF) Vulnerability |
| CVE-2025-53460 | 2025-09-22 | WordPress AffiliateWP – External Referral Links Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-36064 | 2025-09-22 | IBM Sterling Connect:Express for Microsoft Windows information disclosure |
| CVE-2025-53458 | 2025-09-22 | WordPress Goracash Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53457 | 2025-09-22 | WordPress SEO Backlink Monitor Plugin <= 1.6.0 - Server Side Request Forgery (SSRF) Vulnerability |
| CVE-2025-53456 | 2025-09-22 | WordPress SEO Backlink Monitor Plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53455 | 2025-09-22 | WordPress CashBill.pl – Płatności WooCommerce Plugin <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53454 | 2025-09-22 | WordPress Ultimate WP Mail Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53451 | 2025-09-22 | WordPress Mihdan: No External Links Plugin <= 5.1.4 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53452 | 2025-09-22 | WordPress Event Rocket Plugin <= 3.3 - Broken Access Control Vulnerability |
| CVE-2025-53450 | 2025-09-22 | WordPress Easy Pricing Table WP Plugin <= 1.1.3 - Local File Inclusion Vulnerability |
| CVE-2025-59592 | 2025-09-22 | WordPress Make Column Clickable Elementor Plugin <= 1.6.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59591 | 2025-09-22 | WordPress wpDiscuz Plugin <= 7.6.33 - Broken Access Control Vulnerability |
| CVE-2025-59590 | 2025-09-22 | WordPress Media Library Assistant Plugin <= 3.28 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59589 | 2025-09-22 | WordPress Soledad Theme <= 8.6.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59588 | 2025-09-22 | WordPress Soledad Theme <= 8.6.8 - Local File Inclusion Vulnerability |
| CVE-2025-59587 | 2025-09-22 | WordPress Penci Shortcodes & Performance Plugin < 6.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59586 | 2025-09-22 | WordPress Penci Portfolio Plugin <= 3.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59585 | 2025-09-22 | WordPress Penci Recipe Plugin <= 4.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59584 | 2025-09-22 | WordPress Penci Podcast Plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59583 | 2025-09-22 | WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59582 | 2025-09-22 | WordPress Ajax Load More Plugin <= 7.6.0.2 - Sensitive Data Exposure Vulnerability |
| CVE-2025-59581 | 2025-09-22 | WordPress Ibtana Plugin <= 1.2.5.3 - Arbitrary Content Deletion Vulnerability |
| CVE-2025-59577 | 2025-09-22 | WordPress MasterStudy LMS Plugin <= 3.6.20 - Race Condition Vulnerability |
| CVE-2025-59576 | 2025-09-22 | WordPress MasterStudy LMS Plugin <= 3.6.20 - Broken Access Control Vulnerability |
| CVE-2025-59574 | 2025-09-22 | WordPress WP Travel Engine Plugin <= 1.4.2 - Cross Site Scripting (XSS) Vulnerability |