CVE-2025-53351
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Fidelo Software GmbH Fidelo Snippet thebing-snippet allows Reflected XSS.This issue affects Fidelo Snippet: from n/a through
Tagged: Cybersecurity Alert
CVE-2025-53352
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in G5Theme Grid Plus grid-plus allows Reflected XSS.This issue affects Grid Plus: from n/a through
CVE-2025-53218
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through
CVE-2025-53229
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in kamleshyadav RockON DJ rockon allows Reflected XSS.This issue affects RockON DJ: from n/a through
CVE-2025-53232
Insertion of Sensitive Information Into Sent Data vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Retrieve Embedded Sensitive Data.This issue affects WP Gmail SMTP: from n/a through
CVE-2025-53234
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in AndonDesign UDesign Core u-design-core allows Reflected XSS.This issue affects UDesign Core: from n/a through
CVE-2025-53236
Missing Authorization vulnerability in AndonDesign UDesign Core u-design-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UDesign Core: from n/a through
CVE-2025-53238
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through
CVE-2025-53297
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through
CVE-2025-53350
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through
CVE-2025-52763
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through
CVE-2025-52770
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in appscreo Hello Followers hellofollowers allows Reflected XSS.This issue affects Hello Followers: from n/a through
CVE-2025-52756
Improper Control of Generation of Code (‘Code Injection’) vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Remote Code Inclusion.This issue affects WP Last Modified Info: from n/a through
CVE-2025-52757
Missing Authorization vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SUMO Memberships for WooCommerce: from n/a through