Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-23566
WordPress Custom Post plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23560
WordPress Web Testimonials plugin <= 1.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23559
WordPress MemeOne plugin <= 2.0.5 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23558
WordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23557
WordPress Find Your Reps plugin <= 1.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23547
WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through 2.14.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23537
WordPress add custom google tag manager plugin <= 1.0.3 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23533
WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23532
WordPress MyAnime Widget plugin <= 1.0 - CSRF to Privilege Escalation vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23530
WordPress Custom Post Type Lockdown plugin <= 1.11 - CSRF to Privilege Escalation vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)