Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-28905
WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaser324 Featured Posts Grid allows Stored XSS. This issue affects Featured Posts Grid: from n/a through 1.7.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28901
WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Naren Members page only for logged in users allows Stored XSS. This issue affects Members page only for logged in users: from n/a through 1.4.2.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28900
WordPress TabGarb Pro plugin <= 2.6 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in webgarb TabGarb Pro allows Stored XSS. This issue affects TabGarb Pro: from n/a through 2.6.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28897
WordPress Domain Theme plugin <= 1.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Steveorevo Domain Theme allows Stored XSS. This issue affects Domain Theme: from n/a through 1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28895
WordPress Custom top bar plugin <= 2.0.2 - CSRF to Stored XSS vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sumanbiswas013 Custom top bar allows Stored XSS. This issue affects Custom top bar: from n/a through 2.0.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28894
WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category plugin for WordPress allows Stored XSS. This issue affects List of Posts from each Category plugin for WordPress: from n/a through 2.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28892
WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in a2rocklobster FTP Sync allows Stored XSS. This issue affects FTP Sync: from n/a through 1.1.6.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28891
WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in jazzigor price-calc allows Stored XSS. This issue affects price-calc: from n/a through 0.6.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28883
WordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare Tables allows Stored XSS. This issue affects WP Compare Tables: from n/a through 1.0.5.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)

CVE-2025-28861
WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in bhzad WP jQuery Persian Datepicker allows Stored XSS. This issue affects WP jQuery Persian Datepicker: from n/a through 0.1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (about 1 month ago)