Latest CVE Feed
-
7.1
HIGHCVE-2025-23569
Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23567
Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23566
Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23560
Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23559
Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23558
Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23557
Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23547
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through 2.14.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23537
Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23533
Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
8.8
HIGHCVE-2025-23532
Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
8.8
HIGHCVE-2025-23530
Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
8.8
HIGHCVE-2025-23528
Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Authorization
-
5.3
MEDIUMCVE-2025-23514
Missing Authorization vulnerability in Sanjaysolutions Loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Authorization
-
7.1
HIGHCVE-2025-23513
Cross-Site Request Forgery (CSRF) vulnerability in Joshua Wieczorek Bible Embed allows Stored XSS.This issue affects Bible Embed: from n/a through 0.0.4.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23511
Cross-Site Request Forgery (CSRF) vulnerability in Viktoria Rei Bauer WP-BlackCheck allows Stored XSS.This issue affects WP-BlackCheck: from n/a through 2.7.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23510
Cross-Site Request Forgery (CSRF) vulnerability in Zaantar WordPress Logging Service allows Stored XSS.This issue affects WordPress Logging Service: from n/a through 1.5.4.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23508
Cross-Site Request Forgery (CSRF) vulnerability in EdesaC Extra Options – Favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through 1.1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23501
Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA allows Stored XSS.This issue affects Cookie Consent & Autoblock for GDPR/CCPA: from n/a through 1.0.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23499
Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier Board Election allows Stored XSS.This issue affects Board Election: from n/a through 1.0.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery