CVE List - 2025 / January
Showing 701 - 800 of 4277 CVEs for January 2025 (Page 8 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-11681 | 2025-01-07 | Remote Code Execution in MacPorts |
| CVE-2025-22593 | 2025-01-07 | WordPress Laika Pedigree Tree plugin <= 1.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-22592 | 2025-01-07 | WordPress 1003 Mortgage Application plugin <= 1.87 - Broken Access Control vulnerability |
| CVE-2025-22591 | 2025-01-07 | WordPress 1003 Mortgage Application plugin <= 1.87 - Broken Access Control vulnerability |
| CVE-2025-22590 | 2025-01-07 | WordPress Prayer Times Anywhere plugin <= 2.0.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-22589 | 2025-01-07 | WordPress Quote Tweet plugin <= 0.7 - CSRF to Stored XSS vulnerability |
| CVE-2025-22585 | 2025-01-07 | WordPress Ultimate Image Hover Effects plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22584 | 2025-01-07 | WordPress Timeline Pro plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22582 | 2025-01-07 | WordPress Uptime Robot plugin <= 0.1.3 - CSRF to Stored XSS vulnerability |
| CVE-2025-22581 | 2025-01-07 | WordPress Arcade Ready plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22580 | 2025-01-07 | WordPress Biltorvet Dealer Tools plugin <= 1.0.22 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22579 | 2025-01-07 | WordPress WP Header Notification plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22578 | 2025-01-07 | WordPress WP Cookie plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22577 | 2025-01-07 | WordPress Able Player plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22574 | 2025-01-07 | WordPress ICS Button plugin <= 0.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22573 | 2025-01-07 | WordPress Icons Enricher plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22572 | 2025-01-07 | WordPress Legacy ePlayer plugin <= 0.9.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22571 | 2025-01-07 | WordPress Instabot plugin <= 1.10 - CSRF to Stored XSS vulnerability |
| CVE-2025-22563 | 2025-01-07 | WordPress Pretty Urls Plugin <= 1.5.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-22562 | 2025-01-07 | WordPress Title Experiments Free plugin <= 9.0.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-22560 | 2025-01-07 | WordPress Saoshyant Page Builder plugin <= 3.8 - Broken Access Control vulnerability |
| CVE-2025-22559 | 2025-01-07 | WordPress TubePress.NET Plugin <= 4.0.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-22558 | 2025-01-07 | WordPress mcjh button shortcode plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22557 | 2025-01-07 | WordPress News Publisher Autopilot plugin <= 2.1.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-22556 | 2025-01-07 | WordPress Norse Rune Oracle plugin <= 1.4.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-22555 | 2025-01-07 | WordPress Smoothness Slider Shortcode plugin <= v1.2.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-22554 | 2025-01-07 | WordPress Video Embed Optimizer plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22552 | 2025-01-07 | WordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerability |
| CVE-2025-22551 | 2025-01-07 | WordPress Boot-Modal plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22550 | 2025-01-07 | WordPress AddFunc Mobile Detect plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22549 | 2025-01-07 | WordPress WP Github plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22548 | 2025-01-07 | WordPress ldap_login_password_and_role_manager plugin <= 1.0.12 - CSRF to Stored XSS vulnerability |
| CVE-2025-22547 | 2025-01-07 | WordPress JK Html To Pdf plugin <= 1.0.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-22546 | 2025-01-07 | WordPress jQuery TwentyTwenty plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22545 | 2025-01-07 | WordPress iframe to embed plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22544 | 2025-01-07 | WordPress Mind Doodle Visual Sitemaps & Tasks plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22543 | 2025-01-07 | WordPress ST Gallery WP plugin <= 1.0.8 - Settings Change vulnerability |
| CVE-2025-22541 | 2025-01-07 | WordPress WP Delete Post Copies plugin <= 5.5 - Broken Access Control vulnerability |
| CVE-2025-22538 | 2025-01-07 | WordPress Virtual Bot Plugin <= 1.0.0 - CSRF Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22536 | 2025-01-07 | WordPress WP Music Player Plugin <= 1.3 - SQL Injection vulnerability |
| CVE-2025-22534 | 2025-01-07 | WordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerability |
| CVE-2025-22533 | 2025-01-07 | WordPress WOOEXIM Plugin <= 5.0.0 - SQL Injection vulnerability |
| CVE-2025-22532 | 2025-01-07 | WordPress Simple Photo Sphere plugin <= 0.0.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22531 | 2025-01-07 | WordPress Urdu Formatter – Shamil plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22530 | 2025-01-07 | WordPress 아임포트 결제버튼 생성 플러그인 plugin <= 1.1.19 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22529 | 2025-01-07 | WordPress WE Blocks <= 1.3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22528 | 2025-01-07 | WordPress Huurkalender WP Plugin <= 1.5.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22525 | 2025-01-07 | WordPress Donation Block For PayPal Plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22524 | 2025-01-07 | WordPress فرم ساز فرم افزار Plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22522 | 2025-01-07 | WordPress SingSong plugin <= 1.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-22520 | 2025-01-07 | WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-22519 | 2025-01-07 | WordPress eDoc Easy Tables Plugin <= 1.29 - SQL Injection vulnerability |
| CVE-2025-22518 | 2025-01-07 | WordPress Justified Image Gallery plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22517 | 2025-01-07 | WordPress List Pages at Depth plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22516 | 2025-01-07 | WordPress Metadata SEO plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22515 | 2025-01-07 | WordPress Show Google Analytics widget plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22512 | 2025-01-07 | WordPress Help Scout Plugin <= 6.5.1 - Broken Access Control vulnerability |
| CVE-2025-22511 | 2025-01-07 | WordPress Slides & Presentations Plugin <= 0.0.39 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22507 | 2025-01-07 | WordPress WPMU Prefill Post Plugin <= 1.02 - SQL Injection vulnerability |
| CVE-2025-22503 | 2025-01-07 | WordPress Admin debug wordpress – enable debug Plugin <= 1.0.13 - Cross Site Request Forgery vulnerability |
| CVE-2025-22502 | 2025-01-07 | WordPress MindValley Super PageMash Plugin <= 1.1 - SQL Injection vulnerability |
| CVE-2025-22338 | 2025-01-07 | WordPress WP-tagMaker plugin <= 0.2.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22335 | 2025-01-07 | WordPress Opencart Product in WP plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22294 | 2025-01-07 | WordPress Custom Field For WP Job Manager plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-56056 | 2025-01-07 | WordPress SimpleCharm Theme <= 1.4.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53800 | 2025-01-07 | WordPress Rezgo Online Booking plugin <= 4.15 - Local File Inclusion vulnerability |
| CVE-2025-0297 | 2025-01-07 | code-projects Online Book Shop detail.php sql injection |
| CVE-2024-52813 | 2025-01-07 | matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity |
| CVE-2025-21622 | 2025-01-07 | ClipBucket V5 Avatar URL Path Traversal to Arbitrary File Delete |
| CVE-2025-21623 | 2025-01-07 | ClipBucket V5 Unauthenticated Template Directory Update to Denial-of-Service |
| CVE-2025-21624 | 2025-01-07 | ClipBucket V5 Playlist Cover File Upload to Remote Code Execution |
| CVE-2024-25037 | 2025-01-07 | IBM Cognos Controller information disclosure |
| CVE-2024-28778 | 2025-01-07 | IBM Cognos Controller information disclosure |
| CVE-2025-0298 | 2025-01-07 | code-projects Online Book Shop process_login.php sql injection |
| CVE-2024-40702 | 2025-01-07 | IBM Cognos Controller improper certificate validation |
| CVE-2021-20455 | 2025-01-07 | IBM Cognos Controller information disclosure |
| CVE-2022-22363 | 2025-01-07 | IBM Cognos Controller information disclosure |
| CVE-2025-0244 | 2025-01-07 | When redirecting to an invalid protocol scheme, an attacker could... |
| CVE-2025-0245 | 2025-01-07 | Under certain circumstances, a user opt-in setting that Focus should... |
| CVE-2025-0246 | 2025-01-07 | When using an invalid protocol scheme, an attacker could spoof... |
| CVE-2025-0237 | 2025-01-07 | The WebChannel API, which is used to transport various information... |
| CVE-2025-0238 | 2025-01-07 | Assuming a controlled failed memory allocation, an attacker could have... |
| CVE-2025-0239 | 2025-01-07 | When using Alt-Svc, ALPN did not properly validate certificates when... |
| CVE-2025-0240 | 2025-01-07 | Parsing a JavaScript module as JSON could, under some circumstances,... |
| CVE-2025-0241 | 2025-01-07 | When segmenting specially crafted text, segmentation would corrupt memory leading... |
| CVE-2025-0242 | 2025-01-07 | Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox... |
| CVE-2025-0243 | 2025-01-07 | Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox... |
| CVE-2025-0247 | 2025-01-07 | Memory safety bugs present in Firefox 133 and Thunderbird 133.... |
| CVE-2024-8361 | 2025-01-07 | DoS caused due to wrong hash length returned for SHA2/224 algorithm |
| CVE-2024-40748 | 2025-01-07 | [20250102] - Core - XSS vector in the id attribute of menu lists |
| CVE-2024-40747 | 2025-01-07 | [20250101] - Core - XSS vectors in module chromes |
| CVE-2024-40749 | 2025-01-07 | [20250103] - Core - Read ACL violation in multiple core views |
| CVE-2024-12430 | 2025-01-07 | An attacker who successfully exploited these vulnerabilities could cause enable... |
| CVE-2025-0299 | 2025-01-07 | code-projects Online Book Shop search_result.php sql injection |
| CVE-2024-56272 | 2025-01-07 | WordPress Hide Category by User Role for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerability |
| CVE-2024-56270 | 2025-01-07 | WordPress WP SecureSubmit plugin <= 1.5.16 - Sensitive Data Exposure vulnerability |
| CVE-2025-22621 | 2025-01-07 | Privilege escalation for users who hold the “splunk_app_soar“ role in the Splunk App for SOAR |
| CVE-2025-22350 | 2025-01-07 | WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability |
| CVE-2025-22500 | 2025-01-07 | WordPress Alpha Price Table For Elementor plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22365 | 2025-01-07 | WordPress EMC2 Alert Boxes Plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |