Latest CVE Feed
-
6.5
MEDIUMCVE-2025-23642
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pflonk Sidebar-Content from Shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through 2.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-23641
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Ehrhardt Powie's pLinks PagePeeker allows DOM-Based XSS.This issue affects Powie's pLinks PagePeeker: from n/a through 1.0.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23640
Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan Rename Author Slug allows Stored XSS.This issue affects Rename Author Slug: from n/a through 1.2.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23639
Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan MDC YouTube Downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0.... Read more
Affected Products : mdc_youtube_downloader- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
-
7.1
HIGHCVE-2025-23627
Cross-Site Request Forgery (CSRF) vulnerability in Gordon French Comment-Emailer allows Stored XSS.This issue affects Comment-Emailer: from n/a through 1.0.5.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23623
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on allows Reflected XSS.This issue affects Contact Form 7 – CCAvenue Add-on: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23620
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Trofimov Captchelfie – Captcha by Selfie allows Reflected XSS.This issue affects Captchelfie – Captcha by Selfie: from n/a through 1.0.7.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting
-
7.1
HIGHCVE-2025-23618
Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitter Shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through 0.9.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23617
Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Floatbox Plus allows Stored XSS.This issue affects Floatbox Plus: from n/a through 1.4.4.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23577
Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Word Freshener allows Stored XSS.This issue affects Word Freshener: from n/a through 1.3.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23573
Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge WP Background Tile allows Stored XSS.This issue affects WP Background Tile: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23572
Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Martin Scharm UpDownUpDown allows Stored XSS.This issue affects UpDownUpDown: from n/a through 1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23569
Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23567
Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23566
Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23560
Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23559
Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23558
Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23557
Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Request Forgery
-
7.1
HIGHCVE-2025-23547
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through 2.14.... Read more
Affected Products :- Published: Jan. 16, 2025
- Modified: Jan. 16, 2025
- Vuln Type: Cross-Site Scripting