) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2025-23868 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5. Published: January 16, 2025; 4:15:26 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23865 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pressfore Winning Portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through 1.1. Published: January 16, 2025; 4:15:26 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23864 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Code Snippets (Luke America) WCS QR Code Generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through 1.0. Published: January 16, 2025; 4:15:26 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23863 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eiji ‘Sabaoh’ Yamada Rollover Tab allows Stored XSS.This issue affects Rollover Tab: from n/a through 1.3.2. Published: January 16, 2025; 4:15:26 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23862 |
Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through 1.0.1. Published: January 16, 2025; 4:15:26 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23861 |
Cross-Site Request Forgery (CSRF) vulnerability in Katz Web Services, Inc. Debt Calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through 1.0.1. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23860 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eyouth { rob.panes } Charity-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through 1.1.2. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23859 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joshua Wieczorek Daily Proverb allows Stored XSS.This issue affects Daily Proverb: from n/a through 2.0.3. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23856 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alessandro Staniscia Simple Vertical Timeline allows DOM-Based XSS.This issue affects Simple Vertical Timeline: from n/a through 0.1. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23854 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YesStreaming.com Shoutcast and Icecast Internet Radio Hosting Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com allows Stored XSS.This issue affects Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com: from n/a through 3.3. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23848 |
Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Hotspots Analytics allows Stored XSS.This issue affects Hotspots Analytics: from n/a through 4.0.12. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23844 |
Cross-Site Request Forgery (CSRF) vulnerability in wellwisher Custom Widget Classes allows Cross Site Request Forgery.This issue affects Custom Widget Classes: from n/a through 1.1. Published: January 16, 2025; 4:15:25 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23842 |
Cross-Site Request Forgery (CSRF) vulnerability in Nilesh Shiragave WordPress Gallery Plugin allows Cross Site Request Forgery.This issue affects WordPress Gallery Plugin: from n/a through 1.4. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23841 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikos M. Top Flash Embed allows Stored XSS.This issue affects Top Flash Embed: from n/a through 0.3.4. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23833 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RaminMT Links/Problem Reporter allows DOM-Based XSS.This issue affects Links/Problem Reporter: from n/a through 2.6.0. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23832 |
Cross-Site Request Forgery (CSRF) vulnerability in Matt Gibbs Admin Cleanup allows Stored XSS.This issue affects Admin Cleanup: from n/a through 1.0.2. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23831 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rene Hermenau QR Code Generator allows DOM-Based XSS.This issue affects QR Code Generator: from n/a through 1.2.6. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23830 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jobair JB Horizontal Scroller News Ticker allows DOM-Based XSS.This issue affects JB Horizontal Scroller News Ticker: from n/a through 1.0. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23828 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OriginalTips.com WordPress Data Guard allows Stored XSS.This issue affects WordPress Data Guard: from n/a through 8. Published: January 16, 2025; 4:15:24 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-23827 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Strx Strx Magic Floating Sidebar Maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through 1.4.1. Published: January 16, 2025; 4:15:23 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |