The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2025-23891 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Vincent Loy Yet Another Countdown allows DOM-Based XSS.This issue affects Yet Another Countdown: from n/a through 1.0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23890 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tom Ewer and Tito Pandu Easy Tweet Embed allows DOM-Based XSS.This issue affects Easy Tweet Embed: from n/a through 1.7. | -- | Jan 16, 2025 | n/a |
CVE-2025-23887 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Scott Allan Wallick Blog Summary allows Stored XSS.This issue affects Blog Summary: from n/a through 0.1.2 ?. | -- | Jan 16, 2025 | n/a |
CVE-2025-23886 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Chris Roberts Annie allows Stored XSS.This issue affects Annie: from n/a through 2.1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23884 | Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through 2.1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23880 | Cross-Site Request Forgery (CSRF) vulnerability in anmari amr personalise allows Cross Site Request Forgery.This issue affects amr personalise: from n/a through 2.10. | -- | Jan 16, 2025 | n/a |
CVE-2025-23878 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Scott Reilly Post-to-Post Links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through 4.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23877 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in nitethemes Nite Shortcodes allows Stored XSS.This issue affects Nite Shortcodes: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23876 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jens Remus WP krpano allows Stored XSS.This issue affects WP krpano: from n/a through 1.2.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23875 | Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23873 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Anshi Solutions Category D3 Tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through 1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23872 | Cross-Site Request Forgery (CSRF) vulnerability in PayForm PayForm allows Stored XSS.This issue affects PayForm: from n/a through 2.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23871 | Cross-Site Request Forgery (CSRF) vulnerability in Bas Matthee LSD Google Maps Embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through 1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23870 | Cross-Site Request Forgery (CSRF) vulnerability in Robert Nicholson Copyright Safeguard Footer Notice allows Stored XSS.This issue affects Copyright Safeguard Footer Notice: from n/a through 3.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23869 | Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.k.a CyberJack CJ Custom Content allows Stored XSS.This issue affects CJ Custom Content: from n/a through 2.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23868 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23865 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Pressfore Winning Portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through 1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23864 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Code Snippets (Luke America) WCS QR Code Generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23863 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Eiji ‘Sabaoh’ Yamada Rollover Tab allows Stored XSS.This issue affects Rollover Tab: from n/a through 1.3.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23862 | Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through 1.0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23861 | Cross-Site Request Forgery (CSRF) vulnerability in Katz Web Services, Inc. Debt Calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through 1.0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23860 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Eyouth { rob.panes } Charity-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through 1.1.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23859 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Joshua Wieczorek Daily Proverb allows Stored XSS.This issue affects Daily Proverb: from n/a through 2.0.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23856 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alessandro Staniscia Simple Vertical Timeline allows DOM-Based XSS.This issue affects Simple Vertical Timeline: from n/a through 0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23854 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in YesStreaming.com Shoutcast and Icecast Internet Radio Hosting Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com allows Stored XSS.This issue affects Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com: from n/a through 3.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23848 | Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Hotspots Analytics allows Stored XSS.This issue affects Hotspots Analytics: from n/a through 4.0.12. | -- | Jan 16, 2025 | n/a |
CVE-2025-23844 | Cross-Site Request Forgery (CSRF) vulnerability in wellwisher Custom Widget Classes allows Cross Site Request Forgery.This issue affects Custom Widget Classes: from n/a through 1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23842 | Cross-Site Request Forgery (CSRF) vulnerability in Nilesh Shiragave WordPress Gallery Plugin allows Cross Site Request Forgery.This issue affects WordPress Gallery Plugin: from n/a through 1.4. | -- | Jan 16, 2025 | n/a |
CVE-2025-23841 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Nikos M. Top Flash Embed allows Stored XSS.This issue affects Top Flash Embed: from n/a through 0.3.4. | -- | Jan 16, 2025 | n/a |
CVE-2025-23833 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in RaminMT Links/Problem Reporter allows DOM-Based XSS.This issue affects Links/Problem Reporter: from n/a through 2.6.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23832 | Cross-Site Request Forgery (CSRF) vulnerability in Matt Gibbs Admin Cleanup allows Stored XSS.This issue affects Admin Cleanup: from n/a through 1.0.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23831 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Rene Hermenau QR Code Generator allows DOM-Based XSS.This issue affects QR Code Generator: from n/a through 1.2.6. | -- | Jan 16, 2025 | n/a |
CVE-2025-23830 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jobair JB Horizontal Scroller News Ticker allows DOM-Based XSS.This issue affects JB Horizontal Scroller News Ticker: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23828 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in OriginalTips.com WordPress Data Guard allows Stored XSS.This issue affects WordPress Data Guard: from n/a through 8. | -- | Jan 16, 2025 | n/a |
CVE-2025-23827 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Strx Strx Magic Floating Sidebar Maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through 1.4.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23826 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Predrag Supurovi? Stop Comment Spam allows Stored XSS.This issue affects Stop Comment Spam: from n/a through 0.5.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23825 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alex Thorpe Easy Shortcode Buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through 1.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23824 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alexander Weleczka FontAwesome.io ShortCodes allows Stored XSS.This issue affects FontAwesome.io ShortCodes: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23823 | Cross-Site Request Forgery (CSRF) vulnerability in jprintf CNZZ&51LA for WordPress allows Cross Site Request Forgery.This issue affects CNZZ&51LA for WordPress: from n/a through 1.0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23822 | Cross-Site Request Forgery (CSRF) vulnerability in Cornea Alexandru Category Custom Fields allows Cross Site Request Forgery.This issue affects Category Custom Fields: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23821 | Cross-Site Request Forgery (CSRF) vulnerability in Aleapp WP Cookies Alert allows Cross Site Request Forgery.This issue affects WP Cookies Alert: from n/a through 1.1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23820 | Cross-Site Request Forgery (CSRF) vulnerability in Laxman Thapa Content Security Policy Pro allows Cross Site Request Forgery.This issue affects Content Security Policy Pro: from n/a through 1.3.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23818 | Cross-Site Request Forgery (CSRF) vulnerability in Peggy Kuo More Link Modifier allows Stored XSS.This issue affects More Link Modifier: from n/a through 1.0.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23817 | Cross-Site Request Forgery (CSRF) vulnerability in Mahadir Ahmad MHR-Custom-Anti-Copy allows Stored XSS.This issue affects MHR-Custom-Anti-Copy: from n/a through 2.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23816 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in metaphorcreations Metaphor Widgets allows Stored XSS. This issue affects Metaphor Widgets: from n/a through 2.4. | -- | Jan 16, 2025 | n/a |
CVE-2025-23815 | Cross-Site Request Forgery (CSRF) vulnerability in linickx root Cookie allows Cross Site Request Forgery. This issue affects root Cookie: from n/a through 1.6. | -- | Jan 16, 2025 | n/a |
CVE-2025-23810 | Cross-Site Request Forgery (CSRF) vulnerability in Igor Sazonov Len Slider allows Reflected XSS.This issue affects Len Slider: from n/a through 2.0.11. | -- | Jan 16, 2025 | n/a |
CVE-2025-23808 | Cross-Site Request Forgery (CSRF) vulnerability in Matt van Andel Custom List Table Example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through 1.4.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23807 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jimmy Hu Spiderpowa Embed PDF allows Stored XSS.This issue affects Spiderpowa Embed PDF: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23805 | Cross-Site Request Forgery (CSRF) vulnerability in SEOReseller Team SEOReseller Partner allows Cross Site Request Forgery.This issue affects SEOReseller Partner: from n/a through 1.3.15. | -- | Jan 16, 2025 | n/a |