Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-53215

WordPress Yahoo! WebPlayer Plugin <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-53215

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8bitkid Yahoo! WebPlayer allows Reflected XSS...

8bitkid Yahoo! WebPlayer n/a CVE
HIGH 8.1 CVE-2025-53216

WordPress Glamer Theme <= 1.0.2 - Local File Inclusion Vulnerability_CVE-2025-53216

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeUniver Glamer allows ...

ThemeUniver Glamer n/a CVE
HIGH 7.1 CVE-2025-49407

WordPress Houzez Theme <= 4.1.1 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-49407

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez allows Reflected XSS. This ...

favethemes Houzez n/a CVE
HIGH 8.1 CVE-2025-49405

WordPress Houzez Theme <= 4.1.1 - Local File Inclusion Vulnerability_CVE-2025-49405

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez allows P...

favethemes Houzez n/a CVE
HIGH 7.1 CVE-2025-53225

WordPress e-Boekhouden.nl Plugin <= 1.9.3 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-53225

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eboekhouden e-Boekhouden.nl allows Reflected ...

eboekhouden e-Boekhouden.nl n/a CVE
HIGH 7.1 CVE-2025-53223

WordPress Theme Switcher Reloaded Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-53223

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in undoIT Theme Switcher Reloaded allows Reflect...

undoIT Theme Switcher Reloaded n/a CVE
HIGH 8.1 CVE-2025-53227

WordPress Magazine Saga Theme <= 1.2.7 - Local File Inclusion Vulnerability_CVE-2025-53227

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magazine Saga all...

Unfoldwp Magazine Saga n/a CVE
HIGH 7.1 CVE-2025-53220

WordPress XmasB Quotes Plugin <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-53220

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in XmasB XmasB Quotes allows Reflected XSS. This...

XmasB XmasB Quotes n/a CVE
HIGH 7.1 CVE-2025-53224

WordPress NextGEN Gallery Search Plugin <= 2.12 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-53224

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Koen Schuit NextGEN Gallery Search allows Ref...

Koen Schuit NextGEN Gallery Search n/a CVE
HIGH 8.1 CVE-2025-53244

WordPress Magazine Elite Theme <= 1.2.4 - Local File Inclusion Vulnerability_CVE-2025-53244

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magazine Elite al...

Unfoldwp Magazine Elite n/a CVE