Latest CVE Feed
-
6.5
MEDIUMCVE-2025-23891
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Loy Yet Another Countdown allows DOM-Based XSS.This issue affects Yet Another Countdown: from n/a through 1.0.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23890
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tom Ewer and Tito Pandu Easy Tweet Embed allows DOM-Based XSS.This issue affects Easy Tweet Embed: from n/a through 1.7.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23887
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Allan Wallick Blog Summary allows Stored XSS.This issue affects Blog Summary: from n/a through 0.1.2 β.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23886
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Roberts Annie allows Stored XSS.This issue affects Annie: from n/a through 2.1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23884
Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through 2.1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23880
Cross-Site Request Forgery (CSRF) vulnerability in anmari amr personalise allows Cross Site Request Forgery.This issue affects amr personalise: from n/a through 2.10.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
5.9
MEDIUMCVE-2025-23878
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Post-to-Post Links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through 4.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23877
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nitethemes Nite Shortcodes allows Stored XSS.This issue affects Nite Shortcodes: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23876
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jens Remus WP krpano allows Stored XSS.This issue affects WP krpano: from n/a through 1.2.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23875
Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.5
MEDIUMCVE-2025-23873
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshi Solutions Category D3 Tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through 1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23872
Cross-Site Request Forgery (CSRF) vulnerability in PayForm PayForm allows Stored XSS.This issue affects PayForm: from n/a through 2.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23871
Cross-Site Request Forgery (CSRF) vulnerability in Bas Matthee LSD Google Maps Embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through 1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23870
Cross-Site Request Forgery (CSRF) vulnerability in Robert Nicholson Copyright Safeguard Footer Notice allows Stored XSS.This issue affects Copyright Safeguard Footer Notice: from n/a through 3.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23869
Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.k.a CyberJack CJ Custom Content allows Stored XSS.This issue affects CJ Custom Content: from n/a through 2.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.5
MEDIUMCVE-2025-23868
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23865
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pressfore Winning Portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through 1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23864
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Code Snippets (Luke America) WCS QR Code Generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23863
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eiji ‘Sabaoh’ Yamada Rollover Tab allows Stored XSS.This issue affects Rollover Tab: from n/a through 1.3.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
5.3
MEDIUMCVE-2025-23862
Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through 1.0.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Authorization