The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2025-23804 | Cross-Site Request Forgery (CSRF) vulnerability in Shiv Prakash Tiwari WP Service Payment Form With Authorize.net allows Reflected XSS.This issue affects WP Service Payment Form With Authorize.net: from n/a through 2.6.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23802 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Steven Soehl WP-Revive Adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through 2.2.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23801 | Cross-Site Request Forgery (CSRF) vulnerability in Benjamin Guy Style Admin allows Stored XSS.This issue affects Style Admin: from n/a through 1.4.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23800 | Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23797 | Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows Privilege Escalation.This issue affects WP Options Editor: from n/a through 1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23796 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tushar Patel Easy Portfolio allows Stored XSS.This issue affects Easy Portfolio: from n/a through 1.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23795 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Gold Plugins Easy FAQs allows Stored XSS.This issue affects Easy FAQs: from n/a through 3.2.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23794 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in rccoder wp_amaps allows Stored XSS.This issue affects wp_amaps: from n/a through 1.7. | -- | Jan 16, 2025 | n/a |
CVE-2025-23793 | Cross-Site Request Forgery (CSRF) vulnerability in Turcu Ciprian Auto FTP allows Stored XSS. This issue affects Auto FTP: from n/a through 1.0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23791 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in RocaPress Horizontal Line Shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23785 | Missing Authorization vulnerability in August Infotech AI Responsive Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Responsive Gallery Album: from n/a through 1.4. | -- | Jan 16, 2025 | n/a |
CVE-2025-23783 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek Namedays Widget From Eortologio.Net: from n/a through 20191113. | -- | Jan 16, 2025 | n/a |
CVE-2025-23780 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in AlphaBPO Easy Code Snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a through 1.0.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23779 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in web-mv.de ResAds allows SQL Injection.This issue affects ResAds: from n/a through 2.0.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23778 | Missing Authorization vulnerability in Pravin Durugkar User Sync ActiveCampaign allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Sync ActiveCampaign: from n/a through 1.3.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23777 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Willows Consulting Ltd. GDPR Personal Data Reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through 1.0.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23776 | Missing Authorization vulnerability in Thorn Technologies LLC Cache Sniper for Nginx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cache Sniper for Nginx: from n/a through 1.0.4.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23775 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WWP GMAPS for WPBakery Page Builder Free allows Stored XSS.This issue affects GMAPS for WPBakery Page Builder Free: from n/a through 1.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23772 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Eugenio Petullà imaGenius allows Stored XSS.This issue affects imaGenius: from n/a through 1.7. | -- | Jan 16, 2025 | n/a |
CVE-2025-23767 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a through 1.9.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23765 | Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER allows Cross Site Request Forgery.This issue affects W3SPEEDSTER: from n/a through 7.33. | -- | Jan 16, 2025 | n/a |
CVE-2025-23764 | Missing Authorization vulnerability in Ujjaval Jani Copy Move Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Copy Move Posts: from n/a through 1.6. | -- | Jan 16, 2025 | n/a |
CVE-2025-23761 | Missing Authorization vulnerability in Alex Volkov Woo Tuner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Tuner: from n/a through 0.1.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23760 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23749 | Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23745 | Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23743 | Cross-Site Request Forgery (CSRF) vulnerability in Martijn Scheybeler Social Analytics allows Stored XSS.This issue affects Social Analytics: from n/a through 0.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23720 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Web Push allows Stored XSS.This issue affects Web Push: from n/a through 1.4.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23717 | Cross-Site Request Forgery (CSRF) vulnerability in ITMOOTI Theme My Ontraport Smartform allows Stored XSS.This issue affects Theme My Ontraport Smartform: from n/a through 1.2.11. | -- | Jan 16, 2025 | n/a |
CVE-2025-23715 | Cross-Site Request Forgery (CSRF) vulnerability in RaymondDesign Post & Page Notes allows Stored XSS.This issue affects Post & Page Notes: from n/a through 0.1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23713 | Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Hack me if you can allows Stored XSS.This issue affects Hack me if you can: from n/a through 1.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23712 | Cross-Site Request Forgery (CSRF) vulnerability in Kapost Kapost allows Stored XSS.This issue affects Kapost: from n/a through 2.2.9. | -- | Jan 16, 2025 | n/a |
CVE-2025-23710 | Cross-Site Request Forgery (CSRF) vulnerability in Mayur Sojitra Flying Twitter Birds allows Stored XSS.This issue affects Flying Twitter Birds: from n/a through 1.8. | -- | Jan 16, 2025 | n/a |
CVE-2025-23708 | Cross-Site Request Forgery (CSRF) vulnerability in Dominic Fallows DF Draggable allows Stored XSS.This issue affects DF Draggable: from n/a through 1.13.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23703 | Cross-Site Request Forgery (CSRF) vulnerability in CS : ABS-Hosting.nl / Walchum.net Free MailClient FMC allows Stored XSS.This issue affects Free MailClient FMC: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23702 | Cross-Site Request Forgery (CSRF) vulnerability in Schalk Burger Anonymize Links allows Stored XSS.This issue affects Anonymize Links: from n/a through 1.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23699 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in TechMix Event Countdown Timer Plugin by TechMix allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through 1.4. | -- | Jan 16, 2025 | n/a |
CVE-2025-23698 | Cross-Site Request Forgery (CSRF) vulnerability in Iván R. Delgado Martínez WP Custom Google Search allows Stored XSS.This issue affects WP Custom Google Search: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23694 | Cross-Site Request Forgery (CSRF) vulnerability in Shabbos Commerce Shabbos and Yom Tov allows Stored XSS.This issue affects Shabbos and Yom Tov: from n/a through 1.9. | -- | Jan 16, 2025 | n/a |
CVE-2025-23693 | Cross-Site Request Forgery (CSRF) vulnerability in Stanis?aw Skonieczny Secure CAPTCHA allows Stored XSS.This issue affects Secure CAPTCHA: from n/a through 1.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23692 | Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Slider for Writers allows Stored XSS.This issue affects Slider for Writers: from n/a through 1.3. | -- | Jan 16, 2025 | n/a |
CVE-2025-23691 | Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino García Send to Twitter allows Stored XSS.This issue affects Send to Twitter: from n/a through 1.7.2. | -- | Jan 16, 2025 | n/a |
CVE-2025-23690 | Cross-Site Request Forgery (CSRF) vulnerability in ArtkanMedia Book a Place allows Stored XSS.This issue affects Book a Place: from n/a through 0.7.1. | -- | Jan 16, 2025 | n/a |
CVE-2025-23689 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Poco Blogger Image Import allows Stored XSS.This issue affects Blogger Image Import: from 2.1 through n/a. | -- | Jan 16, 2025 | n/a |
CVE-2025-23677 | Cross-Site Request Forgery (CSRF) vulnerability in DSmidgy HTTP to HTTPS link changer by Eyga.net allows Stored XSS.This issue affects HTTP to HTTPS link changer by Eyga.net: from n/a through 0.2.4. | -- | Jan 16, 2025 | n/a |
CVE-2025-23675 | Cross-Site Request Forgery (CSRF) vulnerability in SandyIN Import Users to MailChimp allows Stored XSS.This issue affects Import Users to MailChimp: from n/a through 1.0. | -- | Jan 16, 2025 | n/a |
CVE-2025-23673 | Cross-Site Request Forgery (CSRF) vulnerability in Don Kukral Email on Publish allows Stored XSS.This issue affects Email on Publish: from n/a through 1.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23665 | Cross-Site Request Forgery (CSRF) vulnerability in Rapid Sort RSV GMaps allows Stored XSS.This issue affects RSV GMaps: from n/a through 1.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23664 | Cross-Site Request Forgery (CSRF) vulnerability in Real Seguro Viagem Real Seguro Viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through 2.0.5. | -- | Jan 16, 2025 | n/a |
CVE-2025-23662 | Cross-Site Request Forgery (CSRF) vulnerability in Ryan Sutana WP Panoramio allows Stored XSS.This issue affects WP Panoramio: from n/a through 1.5.0. | -- | Jan 16, 2025 | n/a |