CVE List - 2025 / January
Showing 101 - 200 of 4277 CVEs for January 2025 (Page 2 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-37235 | 2025-01-02 | WordPress Groundhogg plugin <= 3.4.2.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37236 | 2025-01-02 | WordPress Loco Translate plugin <= 2.6.9 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37238 | 2025-01-02 | WordPress WPAdverts – Classifieds plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37240 | 2025-01-02 | WordPress Falang multilanguage for WordPress plugin <= 1.3.51 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37242 | 2025-01-02 | WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37243 | 2025-01-02 | WordPress Vandana Lite theme <= 1.1.9 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37272 | 2025-01-02 | WordPress Travel Monster theme <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37274 | 2025-01-02 | WordPress WP Mobile Menu plugin <= 2.8.4.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37412 | 2025-01-02 | WordPress Blossom Shop theme <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37413 | 2025-01-02 | WordPress Preschool and Kindergarten theme <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37417 | 2025-01-02 | WordPress Coachify theme <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37421 | 2025-01-02 | WordPress JobScout theme <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37426 | 2025-01-02 | WordPress Elegant Pink theme 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37431 | 2025-01-02 | WordPress Mesmerize theme <= 1.6.120 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37435 | 2025-01-02 | WordPress Perfect Portfolio theme <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37441 | 2025-01-02 | WordPress NewsMash theme <= 1.0.34 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37448 | 2025-01-02 | WordPress OnePress theme <= 2.3.6 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37450 | 2025-01-02 | WordPress Benevolent theme <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37451 | 2025-01-02 | WordPress Travel Agency theme <= 1.4.9 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37458 | 2025-01-02 | WordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37467 | 2025-01-02 | WordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37469 | 2025-01-02 | WordPress Blocksy theme <= 1.9.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37473 | 2025-01-02 | WordPress Trendy News theme <= 1.0.15 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37478 | 2025-01-02 | WordPress Ashe theme <= 2.233 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37490 | 2025-01-02 | WordPress Bard theme <= 2.210 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37491 | 2025-01-02 | WordPress Rife Free theme <= 2.4.18 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37493 | 2025-01-02 | WordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37503 | 2025-01-02 | WordPress Lawyer Landing Page theme <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37508 | 2025-01-02 | WordPress Construction Landing Page theme <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37511 | 2025-01-02 | WordPress Swift Performance Lite plugin <= 2.3.6.20 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37518 | 2025-01-02 | WordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37540 | 2025-01-02 | WordPress Leaky Paywall plugin <= 4.21.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37543 | 2025-01-02 | WordPress Ultimate Auction plugin <= 4.2.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37937 | 2025-01-02 | WordPress Rara Business theme <= 1.2.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38691 | 2025-01-02 | WordPress Metorik plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38729 | 2025-01-02 | WordPress MBE eShip plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38751 | 2025-01-02 | WordPress AdsforWP plugin <= 1.9.28 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38753 | 2025-01-02 | WordPress Animated Rotating Words Plugin <= 5.6 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38754 | 2025-01-02 | WordPress Tagbox plugin <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38762 | 2025-01-02 | WordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38763 | 2025-01-02 | WordPress Popularis Verse theme <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38765 | 2025-01-02 | WordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38766 | 2025-01-02 | WordPress Matomo Analytics plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) leading to Notice Dismissal vulnerability |
| CVE-2024-38789 | 2025-01-02 | WordPress Telegram Bot & Channel plugin <= 3.8.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38790 | 2025-01-02 | WordPress Smartsupp plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-43927 | 2025-01-02 | WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-56018 | 2025-01-02 | WordPress BU Section Editing Plugin <= 0.9.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56022 | 2025-01-02 | WordPress Preloader by WordPress Monsters plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56023 | 2025-01-02 | WordPress WP eCommerce Quickpay plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56024 | 2025-01-02 | WordPress Custom Dashboard Widget plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56025 | 2025-01-02 | WordPress AdWork Media EZ Content Locker plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56026 | 2025-01-02 | WordPress Simple Proxy plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56236 | 2025-01-02 | WordPress Hestia Nginx Cache plugin <= 2.4.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-56237 | 2025-01-02 | WordPress Contest Gallery plugin <= 24.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56238 | 2025-01-02 | WordPress Floating Action Buttons plugin <= 0.9.1 - Broken Access Control vulnerability |
| CVE-2024-56239 | 2025-01-02 | WordPress Themify Audio Dock plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56240 | 2025-01-02 | WordPress Pronamic Google Maps plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56241 | 2025-01-02 | WordPress WPKoi Templates for Elementor plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56242 | 2025-01-02 | WordPress Arconix Shortcodes plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56243 | 2025-01-02 | WordPress WPSSO Core plugin <= 18.18.1 - Broken Access Control vulnerability |
| CVE-2024-56244 | 2025-01-02 | WordPress Ashe Extra plugin <= 1.2.92 - Broken Access Control vulnerability |
| CVE-2024-56245 | 2025-01-02 | WordPress Premium Blocks plugin <= 2.1.42 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56246 | 2025-01-02 | WordPress Nexter Blocks plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56247 | 2025-01-02 | WordPress WP Post Author plugin <= 3.8.2 - SQL Injection vulnerability |
| CVE-2024-56248 | 2025-01-02 | WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Download vulnerability |
| CVE-2024-56249 | 2025-01-02 | WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Upload vulnerability |
| CVE-2024-56250 | 2025-01-02 | WordPress Just Writing Statistics plugin <= 4.7 - SQL Injection vulnerability |
| CVE-2024-56251 | 2025-01-02 | WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-56252 | 2025-01-02 | WordPress Enter Addons plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56253 | 2025-01-02 | WordPress Data Tables Generator by Supsystic plugin <= 1.10.36 - Broken Access Control vulnerability |
| CVE-2024-56254 | 2025-01-02 | WordPress Move Addons for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56255 | 2025-01-02 | WordPress AyeCode Connect plugin <= 1.3.8 - Broken Access Control vulnerability |
| CVE-2024-56258 | 2025-01-02 | WordPress Magazine Blocks plugin <= 1.3.20 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56259 | 2025-01-02 | WordPress GeoDirectory plugin <= 2.3.84 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56260 | 2025-01-02 | WordPress ShopElement plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56261 | 2025-01-02 | WordPress Project Showcase plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56262 | 2025-01-02 | WordPress GS Coaches plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56263 | 2025-01-02 | WordPress GS Shots for Dribbble plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56264 | 2025-01-02 | WordPress ACF City Selector plugin <= 1.14.0 - Arbitrary File Upload vulnerability |
| CVE-2024-56266 | 2025-01-02 | WordPress MP3 Audio Player plugin <= 5.8 - Broken Access Control vulnerability |
| CVE-2024-56267 | 2025-01-02 | WordPress Interactive UK Map plugin <= 3.4.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56302 | 2025-01-02 | WordPress ConvertCalculator for WordPress plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56268 | 2025-01-02 | WordPress Post Grid Elementor Addon plugin <= 2.0.18 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56257 | 2025-01-02 | WordPress Coins MarketCap plugin <= 5.5.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56014 | 2025-01-02 | WordPress Olivia Theme <= 0.9.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-13108 | 2025-01-02 | D-Link DIR-816 A2 form2NetSniper.cgi access control |
| CVE-2024-39623 | 2025-01-02 | WordPress ListingPro theme <= 2.9.4 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability |
| CVE-2024-38778 | 2025-01-02 | WordPress WP Fast Total Search <= 1.69.234 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-13109 | 2025-01-02 | Beijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorization |
| CVE-2024-38764 | 2025-01-02 | WordPress i-transform theme <= 3.0.9 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38732 | 2025-01-02 | WordPress Patricia Blog theme <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-38731 | 2025-01-02 | WordPress i-amaze theme <= 1.3.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37931 | 2025-01-02 | WordPress Point theme <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37925 | 2025-01-02 | WordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37452 | 2025-01-02 | WordPress Schema Lite theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-13110 | 2025-01-02 | Beijing Yunfan Internet Technology Yunfan Learning Examination System Exam Answer PaperController.java, information disclosure |
| CVE-2024-37438 | 2025-01-02 | WordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37241 | 2025-01-02 | WordPress WP Job Manager Resume Manager plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-37237 | 2025-01-02 | WordPress FS Poster plugin <= 6.5.8 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-13111 | 2025-01-02 | Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication |