U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
There are 264,108 matching records.
Displaying matches 921 through 940.
Vuln ID Summary CVSS Severity
CVE-2025-23833

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RaminMT Links/Problem Reporter allows DOM-Based XSS.This issue affects Links/Problem Reporter: from n/a through 2.6.0.

Published: January 16, 2025; 4:15:24 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23832

Cross-Site Request Forgery (CSRF) vulnerability in Matt Gibbs Admin Cleanup allows Stored XSS.This issue affects Admin Cleanup: from n/a through 1.0.2.

Published: January 16, 2025; 4:15:24 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23831

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rene Hermenau QR Code Generator allows DOM-Based XSS.This issue affects QR Code Generator: from n/a through 1.2.6.

Published: January 16, 2025; 4:15:24 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23830

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jobair JB Horizontal Scroller News Ticker allows DOM-Based XSS.This issue affects JB Horizontal Scroller News Ticker: from n/a through 1.0.

Published: January 16, 2025; 4:15:24 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23828

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OriginalTips.com WordPress Data Guard allows Stored XSS.This issue affects WordPress Data Guard: from n/a through 8.

Published: January 16, 2025; 4:15:24 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23827

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Strx Strx Magic Floating Sidebar Maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through 1.4.1.

Published: January 16, 2025; 4:15:23 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23826

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Predrag Supurović Stop Comment Spam allows Stored XSS.This issue affects Stop Comment Spam: from n/a through 0.5.3.

Published: January 16, 2025; 4:15:23 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23825

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Thorpe Easy Shortcode Buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through 1.2.

Published: January 16, 2025; 4:15:23 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23824

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexander Weleczka FontAwesome.io ShortCodes allows Stored XSS.This issue affects FontAwesome.io ShortCodes: from n/a through 1.0.

Published: January 16, 2025; 4:15:23 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23823

Cross-Site Request Forgery (CSRF) vulnerability in jprintf CNZZ&51LA for WordPress allows Cross Site Request Forgery.This issue affects CNZZ&51LA for WordPress: from n/a through 1.0.1.

Published: January 16, 2025; 4:15:23 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23822

Cross-Site Request Forgery (CSRF) vulnerability in Cornea Alexandru Category Custom Fields allows Cross Site Request Forgery.This issue affects Category Custom Fields: from n/a through 1.0.

Published: January 16, 2025; 4:15:23 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23821

Cross-Site Request Forgery (CSRF) vulnerability in Aleapp WP Cookies Alert allows Cross Site Request Forgery.This issue affects WP Cookies Alert: from n/a through 1.1.1.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23820

Cross-Site Request Forgery (CSRF) vulnerability in Laxman Thapa Content Security Policy Pro allows Cross Site Request Forgery.This issue affects Content Security Policy Pro: from n/a through 1.3.5.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23818

Cross-Site Request Forgery (CSRF) vulnerability in Peggy Kuo More Link Modifier allows Stored XSS.This issue affects More Link Modifier: from n/a through 1.0.3.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23817

Cross-Site Request Forgery (CSRF) vulnerability in Mahadir Ahmad MHR-Custom-Anti-Copy allows Stored XSS.This issue affects MHR-Custom-Anti-Copy: from n/a through 2.0.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23816

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaphorcreations Metaphor Widgets allows Stored XSS. This issue affects Metaphor Widgets: from n/a through 2.4.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23815

Cross-Site Request Forgery (CSRF) vulnerability in linickx root Cookie allows Cross Site Request Forgery. This issue affects root Cookie: from n/a through 1.6.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23810

Cross-Site Request Forgery (CSRF) vulnerability in Igor Sazonov Len Slider allows Reflected XSS.This issue affects Len Slider: from n/a through 2.0.11.

Published: January 16, 2025; 4:15:22 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23808

Cross-Site Request Forgery (CSRF) vulnerability in Matt van Andel Custom List Table Example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through 1.4.1.

Published: January 16, 2025; 4:15:21 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)
CVE-2025-23807

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jimmy Hu Spiderpowa Embed PDF allows Stored XSS.This issue affects Spiderpowa Embed PDF: from n/a through 1.0.

Published: January 16, 2025; 4:15:21 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0:(not available)