Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 199260 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2025-23804 Cross-Site Request Forgery (CSRF) vulnerability in Shiv Prakash Tiwari WP Service Payment Form With Authorize.net allows Reflected XSS.This issue affects WP Service Payment Form With Authorize.net: from n/a through 2.6.0. -- Jan 16, 2025 n/a
CVE-2025-23802 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Steven Soehl WP-Revive Adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through 2.2.1. -- Jan 16, 2025 n/a
CVE-2025-23801 Cross-Site Request Forgery (CSRF) vulnerability in Benjamin Guy Style Admin allows Stored XSS.This issue affects Style Admin: from n/a through 1.4.3. -- Jan 16, 2025 n/a
CVE-2025-23800 Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0. -- Jan 16, 2025 n/a
CVE-2025-23797 Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows Privilege Escalation.This issue affects WP Options Editor: from n/a through 1.1. -- Jan 16, 2025 n/a
CVE-2025-23796 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tushar Patel Easy Portfolio allows Stored XSS.This issue affects Easy Portfolio: from n/a through 1.3. -- Jan 16, 2025 n/a
CVE-2025-23795 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Gold Plugins Easy FAQs allows Stored XSS.This issue affects Easy FAQs: from n/a through 3.2.1. -- Jan 16, 2025 n/a
CVE-2025-23794 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in rccoder wp_amaps allows Stored XSS.This issue affects wp_amaps: from n/a through 1.7. -- Jan 16, 2025 n/a
CVE-2025-23793 Cross-Site Request Forgery (CSRF) vulnerability in Turcu Ciprian Auto FTP allows Stored XSS. This issue affects Auto FTP: from n/a through 1.0.1. -- Jan 16, 2025 n/a
CVE-2025-23791 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in RocaPress Horizontal Line Shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through 1.0. -- Jan 16, 2025 n/a
CVE-2025-23785 Missing Authorization vulnerability in August Infotech AI Responsive Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Responsive Gallery Album: from n/a through 1.4. -- Jan 16, 2025 n/a
CVE-2025-23783 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek Namedays Widget From Eortologio.Net: from n/a through 20191113. -- Jan 16, 2025 n/a
CVE-2025-23780 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in AlphaBPO Easy Code Snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a through 1.0.2. -- Jan 16, 2025 n/a
CVE-2025-23779 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in web-mv.de ResAds allows SQL Injection.This issue affects ResAds: from n/a through 2.0.5. -- Jan 16, 2025 n/a
CVE-2025-23778 Missing Authorization vulnerability in Pravin Durugkar User Sync ActiveCampaign allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Sync ActiveCampaign: from n/a through 1.3.2. -- Jan 16, 2025 n/a
CVE-2025-23777 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Willows Consulting Ltd. GDPR Personal Data Reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through 1.0.5. -- Jan 16, 2025 n/a
CVE-2025-23776 Missing Authorization vulnerability in Thorn Technologies LLC Cache Sniper for Nginx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cache Sniper for Nginx: from n/a through 1.0.4.2. -- Jan 16, 2025 n/a
CVE-2025-23775 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WWP GMAPS for WPBakery Page Builder Free allows Stored XSS.This issue affects GMAPS for WPBakery Page Builder Free: from n/a through 1.2. -- Jan 16, 2025 n/a
CVE-2025-23772 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Eugenio Petullà imaGenius allows Stored XSS.This issue affects imaGenius: from n/a through 1.7. -- Jan 16, 2025 n/a
CVE-2025-23767 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a through 1.9.3. -- Jan 16, 2025 n/a
CVE-2025-23765 Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER allows Cross Site Request Forgery.This issue affects W3SPEEDSTER: from n/a through 7.33. -- Jan 16, 2025 n/a
CVE-2025-23764 Missing Authorization vulnerability in Ujjaval Jani Copy Move Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Copy Move Posts: from n/a through 1.6. -- Jan 16, 2025 n/a
CVE-2025-23761 Missing Authorization vulnerability in Alex Volkov Woo Tuner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Tuner: from n/a through 0.1.2. -- Jan 16, 2025 n/a
CVE-2025-23760 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1. -- Jan 16, 2025 n/a
CVE-2025-23749 Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. -- Jan 16, 2025 n/a
CVE-2025-23745 Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. -- Jan 16, 2025 n/a
CVE-2025-23743 Cross-Site Request Forgery (CSRF) vulnerability in Martijn Scheybeler Social Analytics allows Stored XSS.This issue affects Social Analytics: from n/a through 0.2. -- Jan 16, 2025 n/a
CVE-2025-23720 Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Web Push allows Stored XSS.This issue affects Web Push: from n/a through 1.4.0. -- Jan 16, 2025 n/a
CVE-2025-23717 Cross-Site Request Forgery (CSRF) vulnerability in ITMOOTI Theme My Ontraport Smartform allows Stored XSS.This issue affects Theme My Ontraport Smartform: from n/a through 1.2.11. -- Jan 16, 2025 n/a
CVE-2025-23715 Cross-Site Request Forgery (CSRF) vulnerability in RaymondDesign Post & Page Notes allows Stored XSS.This issue affects Post & Page Notes: from n/a through 0.1.1. -- Jan 16, 2025 n/a
CVE-2025-23713 Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Hack me if you can allows Stored XSS.This issue affects Hack me if you can: from n/a through 1.2. -- Jan 16, 2025 n/a
CVE-2025-23712 Cross-Site Request Forgery (CSRF) vulnerability in Kapost Kapost allows Stored XSS.This issue affects Kapost: from n/a through 2.2.9. -- Jan 16, 2025 n/a
CVE-2025-23710 Cross-Site Request Forgery (CSRF) vulnerability in Mayur Sojitra Flying Twitter Birds allows Stored XSS.This issue affects Flying Twitter Birds: from n/a through 1.8. -- Jan 16, 2025 n/a
CVE-2025-23708 Cross-Site Request Forgery (CSRF) vulnerability in Dominic Fallows DF Draggable allows Stored XSS.This issue affects DF Draggable: from n/a through 1.13.2. -- Jan 16, 2025 n/a
CVE-2025-23703 Cross-Site Request Forgery (CSRF) vulnerability in CS : ABS-Hosting.nl / Walchum.net Free MailClient FMC allows Stored XSS.This issue affects Free MailClient FMC: from n/a through 1.0. -- Jan 16, 2025 n/a
CVE-2025-23702 Cross-Site Request Forgery (CSRF) vulnerability in Schalk Burger Anonymize Links allows Stored XSS.This issue affects Anonymize Links: from n/a through 1.1. -- Jan 16, 2025 n/a
CVE-2025-23699 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in TechMix Event Countdown Timer Plugin by TechMix allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through 1.4. -- Jan 16, 2025 n/a
CVE-2025-23698 Cross-Site Request Forgery (CSRF) vulnerability in Iván R. Delgado Martínez WP Custom Google Search allows Stored XSS.This issue affects WP Custom Google Search: from n/a through 1.0. -- Jan 16, 2025 n/a
CVE-2025-23694 Cross-Site Request Forgery (CSRF) vulnerability in Shabbos Commerce Shabbos and Yom Tov allows Stored XSS.This issue affects Shabbos and Yom Tov: from n/a through 1.9. -- Jan 16, 2025 n/a
CVE-2025-23693 Cross-Site Request Forgery (CSRF) vulnerability in Stanis?aw Skonieczny Secure CAPTCHA allows Stored XSS.This issue affects Secure CAPTCHA: from n/a through 1.2. -- Jan 16, 2025 n/a
CVE-2025-23692 Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Slider for Writers allows Stored XSS.This issue affects Slider for Writers: from n/a through 1.3. -- Jan 16, 2025 n/a
CVE-2025-23691 Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino García Send to Twitter allows Stored XSS.This issue affects Send to Twitter: from n/a through 1.7.2. -- Jan 16, 2025 n/a
CVE-2025-23690 Cross-Site Request Forgery (CSRF) vulnerability in ArtkanMedia Book a Place allows Stored XSS.This issue affects Book a Place: from n/a through 0.7.1. -- Jan 16, 2025 n/a
CVE-2025-23689 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Poco Blogger Image Import allows Stored XSS.This issue affects Blogger Image Import: from 2.1 through n/a. -- Jan 16, 2025 n/a
CVE-2025-23677 Cross-Site Request Forgery (CSRF) vulnerability in DSmidgy HTTP to HTTPS link changer by Eyga.net allows Stored XSS.This issue affects HTTP to HTTPS link changer by Eyga.net: from n/a through 0.2.4. -- Jan 16, 2025 n/a
CVE-2025-23675 Cross-Site Request Forgery (CSRF) vulnerability in SandyIN Import Users to MailChimp allows Stored XSS.This issue affects Import Users to MailChimp: from n/a through 1.0. -- Jan 16, 2025 n/a
CVE-2025-23673 Cross-Site Request Forgery (CSRF) vulnerability in Don Kukral Email on Publish allows Stored XSS.This issue affects Email on Publish: from n/a through 1.5. -- Jan 16, 2025 n/a
CVE-2025-23665 Cross-Site Request Forgery (CSRF) vulnerability in Rapid Sort RSV GMaps allows Stored XSS.This issue affects RSV GMaps: from n/a through 1.5. -- Jan 16, 2025 n/a
CVE-2025-23664 Cross-Site Request Forgery (CSRF) vulnerability in Real Seguro Viagem Real Seguro Viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through 2.0.5. -- Jan 16, 2025 n/a
CVE-2025-23662 Cross-Site Request Forgery (CSRF) vulnerability in Ryan Sutana WP Panoramio allows Stored XSS.This issue affects WP Panoramio: from n/a through 1.5.0. -- Jan 16, 2025 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online