Latest CVE Feed
-
7.1
HIGHCVE-2025-23620
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Trofimov Captchelfie – Captcha by Selfie allows Reflected XSS.This issue affects Captchelfie – Captcha by Selfie: from n/a through 1.0.7.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23618
Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitter Shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through 0.9.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23617
Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Floatbox Plus allows Stored XSS.This issue affects Floatbox Plus: from n/a through 1.4.4.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23577
Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Word Freshener allows Stored XSS.This issue affects Word Freshener: from n/a through 1.3.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23573
Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge WP Background Tile allows Stored XSS.This issue affects WP Background Tile: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23572
Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Martin Scharm UpDownUpDown allows Stored XSS.This issue affects UpDownUpDown: from n/a through 1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23569
Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23567
Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23566
Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23560
Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23559
Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23558
Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23557
Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23547
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through 2.14.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23537
Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23533
Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
8.8
HIGHCVE-2025-23532
Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
8.8
HIGHCVE-2025-23530
Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
8.8
HIGHCVE-2025-23528
Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Authorization
-
5.3
MEDIUMCVE-2025-23514
Missing Authorization vulnerability in Sanjaysolutions Loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Authorization