Latest CVE Feed
-
6.5
MEDIUMCVE-2025-46260
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor allows Stored XSS. This issue affects Sky Addons for Elementor: from n/a through 3.0.1.... Read more
Affected Products : sky_addons_for_elementor- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-46261
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting allows Stored XSS. This issue affects Seriously Simple Podcasting: from n/a through 3.9.0.... Read more
Affected Products : seriously_simple_podcasting- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
4.3
MEDIUMCVE-2025-46436
Cross-Site Request Forgery (CSRF) vulnerability in Sebastian Echeverry SCSS-Library allows Cross Site Request Forgery. This issue affects SCSS-Library: from n/a through 0.4.1.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.5
MEDIUMCVE-2025-46438
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in warmwhisky GTDB Guitar Tuners allows Stored XSS. This issue affects GTDB Guitar Tuners: from n/a through 4.2.2.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
7.4
HIGHCVE-2025-46439
Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central allows Path Traversal. This issue affects Plugin Central: from n/a through 2.5.1.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
4.9
MEDIUMCVE-2025-46443
Server-Side Request Forgery (SSRF) vulnerability in Adam Pery Animate allows Server Side Request Forgery. This issue affects Animate: from n/a through 0.5.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Server-Side Request Forgery
-
6.5
MEDIUMCVE-2025-46445
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pReya External Markdown allows Stored XSS. This issue affects External Markdown: from n/a through 0.0.1.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-46447
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFable Fable Extra allows DOM-Based XSS. This issue affects Fable Extra: from n/a through 1.0.6.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-46450
Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan allows Stored XSS. This issue affects occupancyplan: from n/a through 1.0.3.0.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-46452
Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News allows Stored XSS. This issue affects Google News: from n/a through 2.5.1.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.5
MEDIUMCVE-2025-46453
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreatorTeam Zoho Creator Forms allows Stored XSS. This issue affects Zoho Creator Forms: from n/a through 1.0.5.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-46459
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ralf Hortt Confirm User Registration allows Stored XSS. This issue affects Confirm User Registration: from n/a through 2.1.5.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-46461
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Relentless Apps RRSSB allows DOM-Based XSS. This issue affects RRSSB: from n/a through 1.0.1.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
4.3
MEDIUMCVE-2025-46462
Cross-Site Request Forgery (CSRF) vulnerability in Trân Minh-Quân WPVN allows Cross Site Request Forgery. This issue affects WPVN: from n/a through 0.7.8.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-46465
Cross-Site Request Forgery (CSRF) vulnerability in John Weissberg Print Science Designer allows Stored XSS. This issue affects Print Science Designer: from n/a through 1.3.155.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-46466
Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls allows Stored XSS. This issue affects Modern Polls: from n/a through 1.0.10.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.5
MEDIUMCVE-2025-46467
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rahendra Putra K™ RAphicon allows DOM-Based XSS. This issue affects RAphicon: from n/a through 2.1.2.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-46469
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Buddle Send From allows Stored XSS. This issue affects Send From: from n/a through 2.2.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-46472
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons allows Stored XSS. This issue affects The Pack Elementor addons: from n/a through 2.1.2.... Read more
Affected Products : the_pack_elementor_addons- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Cross-Site Scripting
-
7.2
HIGHCVE-2025-46473
Deserialization of Untrusted Data vulnerability in djjmz Social Counter allows Object Injection. This issue affects Social Counter: from n/a through 2.0.5.... Read more
Affected Products :- Published: Apr. 24, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Injection