CVE List - 2025 / January
Showing 2301 - 2400 of 4277 CVEs for January 2025 (Page 24 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-23471 | 2025-01-16 | WordPress ECT Add to Cart Button plugin <= 1.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-23434 | 2025-01-16 | WordPress Easy EU Cookie law plugin <= 1.3.3.1 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23497 | 2025-01-16 | WordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23438 | 2025-01-16 | WordPress WP PT-Viewer plugin <= 2.0.2 - Reflected XSS vulnerability |
| CVE-2025-23452 | 2025-01-16 | WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23435 | 2025-01-16 | WordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23501 | 2025-01-16 | WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23508 | 2025-01-16 | WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23499 | 2025-01-16 | WordPress Board Election plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23513 | 2025-01-16 | WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23514 | 2025-01-16 | WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability |
| CVE-2025-23533 | 2025-01-16 | WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23530 | 2025-01-16 | WordPress Custom Post Type Lockdown plugin <= 1.11 - CSRF to Privilege Escalation vulnerability |
| CVE-2025-23511 | 2025-01-16 | WordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23510 | 2025-01-16 | WordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23537 | 2025-01-16 | WordPress add custom google tag manager plugin <= 1.0.3 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23558 | 2025-01-16 | WordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23532 | 2025-01-16 | WordPress MyAnime Widget plugin <= 1.0 - CSRF to Privilege Escalation vulnerability |
| CVE-2025-23528 | 2025-01-16 | WordPress DD Roles plugin <= 4.1 - Privilege Escalation vulnerability |
| CVE-2025-23566 | 2025-01-16 | WordPress Custom Post plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23560 | 2025-01-16 | WordPress Web Testimonials plugin <= 1.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23557 | 2025-01-16 | WordPress Find Your Reps plugin <= 1.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23572 | 2025-01-16 | WordPress UpDownUpDown plugin <= 1.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23620 | 2025-01-16 | WordPress Captchelfie – Captcha by Selfie plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23569 | 2025-01-16 | WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23547 | 2025-01-16 | WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23567 | 2025-01-16 | WordPress GDReseller plugin <= 1.6 - CSRF to Stored XSS vulnerability |
| CVE-2025-23617 | 2025-01-16 | WordPress Floatbox Plus plugin <= 1.4.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-23559 | 2025-01-16 | WordPress MemeOne plugin <= 2.0.5 - CSRF to Stored XSS vulnerability |
| CVE-2025-23577 | 2025-01-16 | WordPress Word Freshener plugin <= 1.3 - CSRF to Stored XSS vulnerability |
| CVE-2025-23618 | 2025-01-16 | WordPress Twitter Shortcode plugin <= 0.9 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23573 | 2025-01-16 | WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23639 | 2025-01-16 | WordPress MDC YouTube Downloader plugin <= 3.0.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23627 | 2025-01-16 | WordPress Comment-Emailer plugin <= 1.0.5 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23641 | 2025-01-16 | WordPress Powie's pLinks PagePeeker plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23623 | 2025-01-16 | WordPress Contact Form 7 – CCAvenue Add-on plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23640 | 2025-01-16 | WordPress Rename Author Slug plugin <= 1.2.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23642 | 2025-01-16 | WordPress Sidebar-Content from Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23659 | 2025-01-16 | WordPress MercadoLibre Integration plugin <= 1.1 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23662 | 2025-01-16 | WordPress WP Panoramio plugin <= 1.5.0 - CSRF to Cross-Site Scripting vulnerability |
| CVE-2025-23660 | 2025-01-16 | WordPress MFPlugin plugin <= 1.3 - CSRF to Cross-Site Scripting vulnerability |
| CVE-2025-23664 | 2025-01-16 | WordPress Real Seguro Viagem plugin <= 2.0.5 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23654 | 2025-01-16 | WordPress Twitter Post plugin <= 0.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23649 | 2025-01-16 | WordPress Auphonic Importer plugin <= 1.5.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23661 | 2025-01-16 | WordPress NV Slider plugin <= 1.6 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23644 | 2025-01-16 | WordPress QuoteMedia Tools plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23665 | 2025-01-16 | WordPress RSV GMaps plugin <= 1.5 - CSRF to Stored XSS vulnerability |
| CVE-2025-23691 | 2025-01-16 | WordPress Send to Twitter plugin <= 1.7.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23693 | 2025-01-16 | WordPress Secure CAPTCHA plugin <= 1.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23673 | 2025-01-16 | WordPress Email on Publish plugin <= 1.5 - CSRF to Stored XSS vulnerability |
| CVE-2025-23677 | 2025-01-16 | WordPress HTTP to HTTPS link changer by Eyga.net plugin <= 0.2.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-23689 | 2025-01-16 | WordPress Blogger Image Import plugin <= 2.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23675 | 2025-01-16 | WordPress Import Users to MailChimp plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23690 | 2025-01-16 | WordPress Book a Place plugin <= 0.7.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23692 | 2025-01-16 | WordPress Slider for Writers plugin <= 1.3 - CSRF to Stored XSS vulnerability |
| CVE-2025-23699 | 2025-01-16 | WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23694 | 2025-01-16 | WordPress Shabbos and Yom Tov plugin <= 1.9 - CSRF to Stored XSS vulnerability |
| CVE-2025-23698 | 2025-01-16 | WordPress WP Custom Google Search plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23708 | 2025-01-16 | WordPress DF Draggable plugin <= 1.13.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23710 | 2025-01-16 | WordPress Flying Twitter Birds plugin <= 1.8 - CSRF to Stored XSS vulnerability |
| CVE-2025-23703 | 2025-01-16 | WordPress Free MailClient FMC plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23715 | 2025-01-16 | WordPress Post & Page Notes plugin <= 0.1.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23712 | 2025-01-16 | WordPress Kapost plugin <= 2.2.9 - CSRF to Stored XSS vulnerability |
| CVE-2025-23702 | 2025-01-16 | WordPress Anonymize Links plugin <= 1.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23720 | 2025-01-16 | WordPress Web Push plugin <= 1.4.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23717 | 2025-01-16 | WordPress Theme My Ontraport Smartform plugin <= 1.2.11 - CSRF to Stored XSS vulnerability |
| CVE-2025-23743 | 2025-01-16 | WordPress Social Analytics plugin <= 0.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23745 | 2025-01-16 | WordPress Call me Now plugin <= 1.0.5 - CSRF to Stored XSS vulnerability |
| CVE-2025-23713 | 2025-01-16 | WordPress Hack me if you can plugin <= 1.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-23749 | 2025-01-16 | WordPress mybb Last Topics plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23767 | 2025-01-16 | WordPress Marmoset Viewer plugin <= 1.9.3 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23783 | 2025-01-16 | WordPress Greek Namedays Widget Plugin <= 20191113 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23776 | 2025-01-16 | WordPress Cache Sniper for Nginx plugin <= 1.0.4.2 - Broken Access Control vulnerability |
| CVE-2025-23765 | 2025-01-16 | WordPress W3SPEEDSTER plugin <= 7.33 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-23775 | 2025-01-16 | WordPress GMAPS for WPBakery Page Builder Free Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23772 | 2025-01-16 | WordPress imaGenius Plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23777 | 2025-01-16 | WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23779 | 2025-01-16 | WordPress ResAds Plugin <= 2.0.5 - SQL Injection vulnerability |
| CVE-2025-23778 | 2025-01-16 | WordPress User Sync ActiveCampaign plugin <= 1.3.2 - Broken Access Control vulnerability |
| CVE-2025-23785 | 2025-01-16 | WordPress AI Responsive Gallery Album plugin <= 1.4 - Broken Access Control vulnerability |
| CVE-2025-23780 | 2025-01-16 | WordPress Easy Code Snippets Plugin <= 1.0.2 - SQL Injection vulnerability |
| CVE-2025-23794 | 2025-01-16 | WordPress wp_amaps Plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23791 | 2025-01-16 | WordPress Horizontal Line Shortcode Plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23796 | 2025-01-16 | WordPress Easy Portfolio plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23802 | 2025-01-16 | WordPress WP-Revive Adserver Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23800 | 2025-01-16 | WordPress OrangeBox plugin <= 3.0.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23795 | 2025-01-16 | WordPress Easy FAQs plugin <= 3.2.1 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23797 | 2025-01-16 | WordPress WP Options Editor plugin <= 1.1 - CSRF to Privilege Escalation vulnerability |
| CVE-2025-23804 | 2025-01-16 | WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23801 | 2025-01-16 | WordPress Style Admin Plugin <= 1.4.3 - CSRF to Stored XSS vulnerability |
| CVE-2025-23810 | 2025-01-16 | WordPress Len Slider Plugin <= 2.0.11 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23817 | 2025-01-16 | WordPress MHR-Custom-Anti-Copy plugin <= 2.0 - CSRF to Stored Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-23805 | 2025-01-16 | WordPress SEOReseller Partner plugin <= 1.3.15 - CSRF to Stored XSS vulnerability |
| CVE-2025-23808 | 2025-01-16 | WordPress Custom List Table Example Plugin <=1.4.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23822 | 2025-01-16 | WordPress Category Custom Fields plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2025-23807 | 2025-01-16 | WordPress Spiderpowa Embed PDF plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23818 | 2025-01-16 | WordPress More Link Modifier plugin <= 1.0.3 - CSRF to Cross-Site Scripting vulnerability |
| CVE-2025-23827 | 2025-01-16 | WordPress Strx Magic Floating Sidebar Maker plugin <= 1.4.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-23820 | 2025-01-16 | WordPress Content Security Policy Pro plugin <= 1.3.5 - CSRF to Stored XSS vulnerability |
| CVE-2025-23832 | 2025-01-16 | WordPress Admin Cleanup plugin <= 1.0.2 - CSRF to Stored XSS vulnerability |