CyberAlerts

CVE-2025-31383

WordPress FrescoChat Live Chat plugin <= 3.2.6 - CSRF to Stored XSS vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in FrescoChat Live Chat allows Stored XSS. This issue affects FrescoChat Live Chat: from n/a through 3.2.6.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31382

WordPress Language Field plugin <= 0.9 - CSRF to Stored XSS vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in theode Language Field allows Stored XSS. This issue affects Language Field: from n/a through 0.9.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31377

WordPress Woo Product Feed For Marketing Channels <= 1.9.0 - Broken Access Control Vulnerability

Description: Missing Authorization vulnerability in Asaquzzaman mishu Woo Product Feed For Marketing Channels allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Product Feed For Marketing Channels: from n/a through 1.9.0.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31375

WordPress Scheduled plugin <= 1.0 - CSRF to Stored XSS vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in bhoogterp Scheduled allows Stored XSS. This issue affects Scheduled: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31042

WordPress Sandwich Adsense <= 4.0.2 - Broken Access Control Vulnerability

Description: Missing Authorization vulnerability in rtakao Sandwich Adsense allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sandwich Adsense: from n/a through 4.0.2.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31038

WordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Privilege Escalation vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Privilege Escalation. This issue affects Essential Breadcrumbs: from n/a through 1.1.1.

CVSS: HIGH (8.8)

EPSS Score: 0.02%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31036

WordPress WPSolr plugin <= 24.0 - CSRF to Privilege Escalation vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in WPSolr free WPSolr allows Privilege Escalation. This issue affects WPSolr: from n/a through 24.0.

CVSS: HIGH (8.8)

EPSS Score: 0.02%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31035

WordPress WP Editor.md – The Perfect WordPress Markdown Editor <= 10.2.1 - Cross Site Scripting (XSS) Vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Chris WP Editor.md – The Perfect WordPress Markdown Editor allows Stored XSS. This issue affects WP Editor.md – The Perfect WordPress Markdown Editor: from n/a through 10.2.1.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31034

WordPress Customize Login Page plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in AboZain Albanna Customize Login Page allows Cross Site Request Forgery. This issue affects Customize Login Page: from n/a through 1.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE

April 9th, 2025 (12 days ago)

CVE-2025-31033

WordPress Buddypress Humanity plugin <= 1.2 - CSRF to Privilege Escalation vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in Adam Nowak Buddypress Humanity allows Cross Site Request Forgery. This issue affects Buddypress Humanity: from n/a through 1.2.

CVSS: CRITICAL (9.8)

EPSS Score: 0.03%

Source: CVE

April 9th, 2025 (12 days ago)

Threat and Vulnerability Intelligence Database

Example Searches: