Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-23627
WordPress Comment-Emailer plugin <= 1.0.5 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Gordon French Comment-Emailer allows Stored XSS.This issue affects Comment-Emailer: from n/a through 1.0.5.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23623
WordPress Contact Form 7 – CCAvenue Add-on plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on allows Reflected XSS.This issue affects Contact Form 7 – CCAvenue Add-on: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23620
WordPress Captchelfie – Captcha by Selfie plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Trofimov Captchelfie – Captcha by Selfie allows Reflected XSS.This issue affects Captchelfie – Captcha by Selfie: from n/a through 1.0.7.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23618
WordPress Twitter Shortcode plugin <= 0.9 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitter Shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through 0.9.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23617
WordPress Floatbox Plus plugin <= 1.4.4 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Floatbox Plus allows Stored XSS.This issue affects Floatbox Plus: from n/a through 1.4.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23577
WordPress Word Freshener plugin <= 1.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Word Freshener allows Stored XSS.This issue affects Word Freshener: from n/a through 1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23573
WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge WP Background Tile allows Stored XSS.This issue affects WP Background Tile: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23572
WordPress UpDownUpDown plugin <= 1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Martin Scharm UpDownUpDown allows Stored XSS.This issue affects UpDownUpDown: from n/a through 1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23569
WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23567
WordPress GDReseller plugin <= 1.6 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)