Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-23912
WordPress WordPress Custom Sidebar Plugin <= 2.3 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typomedia Foundation WordPress Custom Sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through 2.3.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23911
WordPress Solidres – Hotel booking plugin for WordPress Plugin <= 0.9.4 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solidres Team Solidres – Hotel booking plugin allows SQL Injection.This issue affects Solidres – Hotel booking plugin: from n/a through 0.9.4.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23902
WordPress Error Notification plugin <= 0.2.7 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Taras Dashkevych Error Notification allows Cross Site Request Forgery.This issue affects Error Notification: from n/a through 0.2.7.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23901
WordPress GravatarLocalCache plugin <= 1.1.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal GravatarLocalCache allows Cross Site Request Forgery.This issue affects GravatarLocalCache: from n/a through 1.1.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23900
WordPress Genki Announcement plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Genkisan Genki Announcement allows Cross Site Request Forgery.This issue affects Genki Announcement: from n/a through 1.4.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23898
WordPress Apply with LinkedIn buttons plugin <= 2.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ivo Brett – ApplyMetrics Apply with LinkedIn buttons allows Stored XSS.This issue affects Apply with LinkedIn buttons: from n/a through 2.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23895
WordPress Add RSS plugin <= 1.5 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Dan Cameron Add RSS allows Stored XSS.This issue affects Add RSS: from n/a through 1.5.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23884
WordPress Annie plugin <= 2.1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through 2.1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23880
WordPress amr personalise plugin <= 2.10 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in anmari amr personalise allows Cross Site Request Forgery.This issue affects amr personalise: from n/a through 2.10.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)

CVE-2025-23875
WordPress Better Protected Pages plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 17th, 2025 (4 months ago)