CVE List - 2025 / January

Showing 4201 - 4277 of 4277 CVEs for January 2025 (Page 43 of 43)

Back to List Previous

CVE ID	Date	Title
CVE-2025-22332	2025-01-31	WordPress CloudFlare(R) Cache Purge plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22341	2025-01-31	WordPress Hide Login+ plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22564	2025-01-31	WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22720	2025-01-31	WordPress WpRently \| WordPress plugin plugin <= 2.2.1 - Broken Access Control vulnerability
CVE-2025-22757	2025-01-31	WordPress CodeBard Help Desk plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23976	2025-01-31	WordPress Issuu Panel plugin <= 2.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-23977	2025-01-31	WordPress Post Carousel Slider plugin <= 2.0.1 - CSRF to Stored XSS vulnerability
CVE-2025-23978	2025-01-31	WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-23980	2025-01-31	WordPress Full Circle plugin <= 0.5.7.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-23985	2025-01-31	WordPress Dynamic URL SEO plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-23987	2025-01-31	WordPress Designer plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23989	2025-01-31	WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability
CVE-2025-23990	2025-01-31	WordPress Scroll Styler plugin <= 1.1 - CSRF to Stored XSS vulnerability
CVE-2025-23596	2025-01-31	WordPress Notifikácie.sk plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23671	2025-01-31	WordPress WP OpenSearch plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23759	2025-01-31	WordPress Affiliate Tools Việt Nam plugin <= 0.3.17 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24534	2025-01-31	WordPress DPortfolio plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24535	2025-01-31	WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24549	2025-01-31	WordPress Post Meta plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24551	2025-01-31	WordPress Radio Buttons and Swatches for WooCommerce plugin <= 1.1.20 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24560	2025-01-31	WordPress Awesome Event Booking plugin <= 2.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24563	2025-01-31	WordPress Cleanup – Directory Listing & Classifieds plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24597	2025-01-31	WordPress Barcode Generator for WooCommerce plugin <= 2.0.2 - Sensitive Data Exposure vulnerability
CVE-2025-24608	2025-01-31	WordPress GD Mail Queue Plugin <= 4.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24609	2025-01-31	WordPress PORTONE 우커머스 결제 Plugin <= 3.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24632	2025-01-31	WordPress Advanced Dynamic Pricing for WooCommerce Plugin <= 4.9.0 -Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24635	2025-01-31	WordPress Paytm – Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24686	2025-01-31	WordPress RegistrationMagic Plugin <= 6.0.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24710	2025-01-31	WordPress Gwolle Guestbook plugin <= 4.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24718	2025-01-31	WordPress WP Sessions Time Monitoring Full Automatic Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24749	2025-01-31	WordPress EZPZ SAML SP Single Sign On (SSO) plugin <= 1.2.5 - CSRF to Stored XSS vulnerability
CVE-2024-13472	2025-01-31	WooCommerce Product Table Lite <= 3.9.4 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting
CVE-2024-12267	2025-01-31	Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.8.5 - Limited Arbitrary File Deletion
CVE-2024-12415	2025-01-31	AI Infographic Maker <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution
CVE-2024-13662	2025-01-31	eHive Objects Image Grid <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-12037	2025-01-31	Frontend Content Forms for User Submissions (UGC) <= 2.8.13 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-57948	2025-01-31	mac802154: check local interfaces before deleting sdata list
CVE-2025-21665	2025-01-31	filemap: avoid truncating 64-bit offset to 32 bits
CVE-2025-21666	2025-01-31	vsock: prevent null-ptr-deref in vsock_*[has_data\|has_space]
CVE-2025-21667	2025-01-31	iomap: avoid avoid truncating 64-bit offset to 32 bits
CVE-2025-21668	2025-01-31	pmdomain: imx8mp-blk-ctrl: add missing loop break condition
CVE-2025-21669	2025-01-31	vsock/virtio: discard packets if the transport changes
CVE-2025-21670	2025-01-31	vsock/bpf: return early if transport is not assigned
CVE-2025-21671	2025-01-31	zram: fix potential UAF of zram table
CVE-2025-21672	2025-01-31	afs: Fix merge preference rule failure condition
CVE-2025-21673	2025-01-31	smb: client: fix double free of TCP_Server_Info::hostname
CVE-2025-21674	2025-01-31	net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
CVE-2025-21675	2025-01-31	net/mlx5: Clear port select structure when fail to create
CVE-2025-21676	2025-01-31	net: fec: handle page_pool_dev_alloc_pages error
CVE-2025-21677	2025-01-31	pfcp: Destroy device along with udp socket's netns dismantle.
CVE-2025-21678	2025-01-31	gtp: Destroy device along with udp socket's netns dismantle.
CVE-2025-21679	2025-01-31	btrfs: add the missing error handling inside get_canonical_dev_path
CVE-2025-21680	2025-01-31	pktgen: Avoid out-of-bounds access in get_imix_entries
CVE-2025-21681	2025-01-31	openvswitch: fix lockup on tx to unregistering netdev with carrier
CVE-2025-21682	2025-01-31	eth: bnxt: always recalculate features after XDP clearing, fix null-deref
CVE-2025-21683	2025-01-31	bpf: Fix bpf_sk_select_reuseport() memory leak
CVE-2025-24831	2025-01-31	Local privilege escalation due to unquoted search path vulnerability. The...
CVE-2025-24830	2025-01-31	Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-24829	2025-01-31	Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-24827	2025-01-31	Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-24828	2025-01-31	Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-0929	2025-01-31	SQL injection vulnerability in TeamCal Neo
CVE-2025-0930	2025-01-31	Reflected Cross-Site Scripting (XSS) vulnerability in TeamCal Neo
CVE-2024-45650	2025-01-31	IBM Security Verify Directory denial of service
CVE-2024-11741	2025-01-31	Grafana is an open-source platform for monitoring and observability. The...
CVE-2023-38739	2025-01-31	IBM Sterling B2B Integrator cross-site request forgery
CVE-2024-47103	2025-01-31	IBM Sterling B2B Integrator cross-site scripting
CVE-2024-40696	2025-01-31	IBM Sterling B2B Integrator cross-site scripting
CVE-2024-49807	2025-01-31	IBM Sterling B2B Integrator cross-site scripting
CVE-2025-23215	2025-01-31	PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext
CVE-2024-45089	2025-01-31	IBM Sterling B2B Integrator information disclosure
CVE-2024-47116	2025-01-31	IBM Sterling B2B Integrator cross-site scripting
CVE-2024-49339	2025-01-31	IBM Financial Transaction Manager cross-site scripting
CVE-2024-49349	2025-01-31	IBM Financial Transaction Manager cross-site scripting
CVE-2025-0938	2025-01-31	URL parser allowed square brackets in domain names
CVE-2025-0934	2025-01-31	code-projects Job Recruitment _call_job_search_ajax.php sql injection
CVE-2025-24891	2025-01-31	Dumb Drop has an arbitrary file overwrite and path traversal for root shell