Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 251174 entries
IDDescriptionPriorityModified date
CVE-2025-23654 Cross-Site Request Forgery (CSRF) vulnerability in Vinícius Krolow Twitter Post allows Stored XSS.This issue affects Twitter Post: from n/a through 0.1. -- Jan 16, 2025
CVE-2025-23649 Cross-Site Request Forgery (CSRF) vulnerability in Kreg Steppe Auphonic Importer allows Stored XSS.This issue affects Auphonic Importer: from n/a through 1.5.1. -- Jan 16, 2025
CVE-2025-23644 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Justin Kuepper QuoteMedia Tools allows DOM-Based XSS.This issue affects QuoteMedia Tools: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23642 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in pflonk Sidebar-Content from Shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through 2.0. -- Jan 16, 2025
CVE-2025-23641 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Thomas Ehrhardt Powie\'s pLinks PagePeeker allows DOM-Based XSS.This issue affects Powie\'s pLinks PagePeeker: from n/a through 1.0.2. -- Jan 16, 2025
CVE-2025-23640 Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan Rename Author Slug allows Stored XSS.This issue affects Rename Author Slug: from n/a through 1.2.0. -- Jan 16, 2025
CVE-2025-23639 Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan MDC YouTube Downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0. -- Jan 16, 2025
CVE-2025-23627 Cross-Site Request Forgery (CSRF) vulnerability in Gordon French Comment-Emailer allows Stored XSS.This issue affects Comment-Emailer: from n/a through 1.0.5. -- Jan 16, 2025
CVE-2025-23623 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on allows Reflected XSS.This issue affects Contact Form 7 – CCAvenue Add-on: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23620 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alexey Trofimov Captchelfie – Captcha by Selfie allows Reflected XSS.This issue affects Captchelfie – Captcha by Selfie: from n/a through 1.0.7. -- Jan 16, 2025
CVE-2025-23618 Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitter Shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through 0.9. -- Jan 16, 2025
CVE-2025-23617 Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Floatbox Plus allows Stored XSS.This issue affects Floatbox Plus: from n/a through 1.4.4. -- Jan 16, 2025
CVE-2025-23577 Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Word Freshener allows Stored XSS.This issue affects Word Freshener: from n/a through 1.3. -- Jan 16, 2025
CVE-2025-23573 Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge WP Background Tile allows Stored XSS.This issue affects WP Background Tile: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23572 Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Martin Scharm UpDownUpDown allows Stored XSS.This issue affects UpDownUpDown: from n/a through 1.1. -- Jan 16, 2025
CVE-2025-23569 Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1. -- Jan 16, 2025
CVE-2025-23567 Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6. -- Jan 16, 2025
CVE-2025-23566 Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23560 Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2. -- Jan 16, 2025
CVE-2025-23559 Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5. -- Jan 16, 2025
CVE-2025-23558 Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0. -- Jan 16, 2025
CVE-2025-23557 Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2. -- Jan 16, 2025
CVE-2025-23547 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through 2.14. -- Jan 16, 2025
CVE-2025-23537 Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3. -- Jan 16, 2025
CVE-2025-23533 Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1. -- Jan 16, 2025
CVE-2025-23532 Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23530 Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11. -- Jan 16, 2025
CVE-2025-23528 Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1. -- Jan 16, 2025
CVE-2025-23514 Missing Authorization vulnerability in Sanjaysolutions Loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through 1.2. -- Jan 16, 2025
CVE-2025-23513 Cross-Site Request Forgery (CSRF) vulnerability in Joshua Wieczorek Bible Embed allows Stored XSS.This issue affects Bible Embed: from n/a through 0.0.4. -- Jan 16, 2025
CVE-2025-23511 Cross-Site Request Forgery (CSRF) vulnerability in Viktoria Rei Bauer WP-BlackCheck allows Stored XSS.This issue affects WP-BlackCheck: from n/a through 2.7.2. -- Jan 16, 2025
CVE-2025-23510 Cross-Site Request Forgery (CSRF) vulnerability in Zaantar WordPress Logging Service allows Stored XSS.This issue affects WordPress Logging Service: from n/a through 1.5.4. -- Jan 16, 2025
CVE-2025-23508 Cross-Site Request Forgery (CSRF) vulnerability in EdesaC Extra Options – Favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through 1.1.0. -- Jan 16, 2025
CVE-2025-23501 Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA allows Stored XSS.This issue affects Cookie Consent & Autoblock for GDPR/CCPA: from n/a through 1.0.1. -- Jan 16, 2025
CVE-2025-23499 Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier Board Election allows Stored XSS.This issue affects Board Election: from n/a through 1.0.1. -- Jan 16, 2025
CVE-2025-23497 Cross-Site Request Forgery (CSRF) vulnerability in Albdesign Simple Project Manager allows Stored XSS.This issue affects Simple Project Manager: from n/a through 1.2.2. -- Jan 16, 2025
CVE-2025-23483 Cross-Site Request Forgery (CSRF) vulnerability in Niklas Olsson Universal Analytics Injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through 1.0.3. -- Jan 16, 2025
CVE-2025-23476 Cross-Site Request Forgery (CSRF) vulnerability in isnowfy my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through 1.1. -- Jan 16, 2025
CVE-2025-23471 Cross-Site Request Forgery (CSRF) vulnerability in Andy Chapman ECT Add to Cart Button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through 1.4. -- Jan 16, 2025
CVE-2025-23470 Cross-Site Request Forgery (CSRF) vulnerability in X Villamuera Visit Site Link enhanced allows Stored XSS.This issue affects Visit Site Link enhanced: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23467 Cross-Site Request Forgery (CSRF) vulnerability in Vimal Ghorecha RSS News Scroller allows Stored XSS.This issue affects RSS News Scroller: from n/a through 2.0.0. -- Jan 16, 2025
CVE-2025-23463 Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custom content after or before of post allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through 1.0. -- Jan 16, 2025
CVE-2025-23456 Cross-Site Request Forgery (CSRF) vulnerability in Somethinkodd.com Development Team EmailShroud allows Reflected XSS.This issue affects EmailShroud: from n/a through 2.2.1. -- Jan 16, 2025
CVE-2025-23455 Cross-Site Request Forgery (CSRF) vulnerability in mastersoftwaresolutions WP VTiger Synchronization allows Stored XSS.This issue affects WP VTiger Synchronization: from n/a through 1.1.1. -- Jan 16, 2025
CVE-2025-23453 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Myriad Solutionz Stars SMTP Mailer allows Reflected XSS.This issue affects Stars SMTP Mailer: from n/a through 1.7. -- Jan 16, 2025
CVE-2025-23452 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in EditionGuard Dev Team EditionGuard for WooCommerce – eBook Sales with DRM allows Reflected XSS.This issue affects EditionGuard for WooCommerce – eBook Sales with DRM: from n/a through 3.4.2. -- Jan 16, 2025
CVE-2025-23445 Cross-Site Request Forgery (CSRF) vulnerability in Scott Swezey Easy Tynt allows Cross Site Request Forgery.This issue affects Easy Tynt: from n/a through 0.2.5.1. -- Jan 16, 2025
CVE-2025-23444 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Nasir Scroll Top Advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through 2.5. -- Jan 16, 2025
CVE-2025-23442 Cross-Site Request Forgery (CSRF) vulnerability in matias s Shockingly Big IE6 Warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through 1.6.3. -- Jan 16, 2025
CVE-2025-23438 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in MarvinLabs WP PT-Viewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through 2.0.2. -- Jan 16, 2025
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online