Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-23513
WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Joshua Wieczorek Bible Embed allows Stored XSS.This issue affects Bible Embed: from n/a through 0.0.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23511
WordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Viktoria Rei Bauer WP-BlackCheck allows Stored XSS.This issue affects WP-BlackCheck: from n/a through 2.7.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23510
WordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Zaantar WordPress Logging Service allows Stored XSS.This issue affects WordPress Logging Service: from n/a through 1.5.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23508
WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in EdesaC Extra Options – Favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through 1.1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23501
WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA allows Stored XSS.This issue affects Cookie Consent & Autoblock for GDPR/CCPA: from n/a through 1.0.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23499
WordPress Board Election plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier Board Election allows Stored XSS.This issue affects Board Election: from n/a through 1.0.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23497
WordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Albdesign Simple Project Manager allows Stored XSS.This issue affects Simple Project Manager: from n/a through 1.2.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23483
WordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Niklas Olsson Universal Analytics Injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through 1.0.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23476
WordPress my-related-posts plugin <= 1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in isnowfy my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through 1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)

CVE-2025-23471
WordPress ECT Add to Cart Button plugin <= 1.4 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Andy Chapman ECT Add to Cart Button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through 1.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (3 months ago)