CVE-2025-39444 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maxfoundry MaxButtons allows Stored XSS. This issue affects MaxButtons: from n/a through 9.8.3.
CVSS: MEDIUM (5.9)
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39443 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.9.0.
CVSS: MEDIUM (4.3)
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39442 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in MessageMetric Review Wave – Google Places Reviews allows Stored XSS. This issue affects Review Wave – Google Places Reviews: from n/a through 1.4.7.
CVSS: HIGH (7.1)
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39441 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Dashboard Notepads allows Stored XSS. This issue affects Dashboard Notepads: from n/a through 1.2.1.
CVSS: HIGH (7.1)
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39440 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Broken Links Remover allows Stored XSS. This issue affects Broken Links Remover: from n/a through 1.2.2.
CVSS: HIGH (7.1)
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39439 |
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Markus Drubba wpLike2Get allows Retrieve Embedded Sensitive Data. This issue affects wpLike2Get: from n/a through 1.2.9.
CVSS: MEDIUM (5.3) SSVC Exploitation: none
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39438 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3.
CVSS: MEDIUM (4.3) SSVC Exploitation: none
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39437 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery. This issue affects Anthologize: from n/a through 0.8.3.
CVSS: MEDIUM (4.3) SSVC Exploitation: none
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39436 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using Malicious Files. This issue affects I Draw: from n/a through 1.0.
CVSS: CRITICAL (9.1) SSVC Exploitation: none
April 17th, 2025 (about 3 hours ago)
|
CVE-2025-39435 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in davidfcarr My Marginalia allows Stored XSS. This issue affects My Marginalia: from n/a through 1.0.6.
CVSS: HIGH (7.1)
April 17th, 2025 (about 3 hours ago)
|