NA - CVE-2025-28914 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Sharma wordpress login form to anywhere allows Stored XSS. This issue affects...
NA - CVE-2025-28915 - Unrestricted Upload of File with Dangerous Type...
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through 1.2.9.
NA - CVE-2025-28918 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A. Jones Featured Image Thumbnail Grid allows Stored XSS. This issue affects Featured...
NA - CVE-2025-28919 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shellbot Easy Image Display allows Stored XSS. This issue affects Easy Image Display:...
NA - CVE-2025-28920 - Missing Authorization vulnerability in Jogesh...
Missing Authorization vulnerability in Jogesh Responsive Google Map allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Responsive Google Map: from n/a...
NA - CVE-2025-28923 - Cross-Site Request Forgery (CSRF) vulnerability...
Cross-Site Request Forgery (CSRF) vulnerability in philippe No Disposable Email allows Stored XSS. This issue affects No Disposable Email: from n/a through 2.5.1.
NA - CVE-2025-28925 - Cross-Site Request Forgery (CSRF) vulnerability...
Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Chat and Notification allows Stored XSS. This issue affects WATI Chat and Notification: from n/a through 1.1.2.
NA - CVE-2025-28926 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in popeating Post Read Time allows Stored XSS. This issue affects Post Read Time: from...
NA - CVE-2025-28927 - Cross-Site Request Forgery (CSRF) vulnerability...
Cross-Site Request Forgery (CSRF) vulnerability in A. Chappard Display Template Name allows Cross Site Request Forgery. This issue affects Display Template Name: from n/a through 1.7.1.