CVE List - 2025 / March
Showing 3101 - 3200 of 4018 CVEs for March 2025 (Page 32 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-2833 | 2025-03-27 | zhangyd-c OneBlog HTTP Header redos |
| CVE-2025-2835 | 2025-03-27 | zhangyd-c OneBlog RestApiController.java autoLink server-side request forgery |
| CVE-2025-31165 | 2025-03-27 | Cross Site Scripting in NightWolf Penetration Platform |
| CVE-2025-0273 | 2025-03-27 | HCL DevOps Deploy / HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability |
| CVE-2025-2332 | 2025-03-27 | Export All Posts, Products, Orders, Refunds & Users <= 2.13 - Unauthenticated PHP Object Injection |
| CVE-2025-2685 | 2025-03-27 | TablePress – Tables in WordPress made easy <= 3.0.4 - Authenticated (Author+) Stored Cross-Site Scripting |
| CVE-2024-45353 | 2025-03-27 | quick App has intent redriction vulnerability |
| CVE-2024-45354 | 2025-03-27 | xiaomi shop application Webview has code execution vulnerability |
| CVE-2024-45355 | 2025-03-27 | Xiaomi phone framework has unauthorized access vulnerability |
| CVE-2024-45356 | 2025-03-27 | Xiaomi phone framework has unauthorized access vulnerability |
| CVE-2024-45361 | 2025-03-27 | Mi Connect Service APP protocol flaws lead to leaking sensitive user information |
| CVE-2025-29993 | 2025-03-27 | The affected versions of PowerCMS allow HTTP header injection. This... |
| CVE-2025-30763 | 2025-03-27 | WordPress EO4WP <= 1.0.8.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30764 | 2025-03-27 | WordPress Football Pool plugin <= 2.12.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability |
| CVE-2025-30765 | 2025-03-27 | WordPress FlexStock <= 3.13.1 - SQL Injection Vulnerability |
| CVE-2025-30766 | 2025-03-27 | WordPress Happy Addons for Elementor <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30767 | 2025-03-27 | WordPress PDF for WPForms plugin <= 5.3.0 - Arbitrary Shortcode Execution vulnerability |
| CVE-2025-30768 | 2025-03-27 | WordPress jAlbum Bridge <= 2.0.18 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30772 | 2025-03-27 | WordPress WPC Smart Upsell Funnel for WooCommerce plugin <= 3.0.4 - Arbitrary Option Update to Privilege Escalation vulnerability |
| CVE-2025-30769 | 2025-03-27 | WordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability |
| CVE-2025-30770 | 2025-03-27 | WordPress Charitable <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30771 | 2025-03-27 | WordPress WP Cassify <= 2.3.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30773 | 2025-03-27 | WordPress TranslatePress <= 2.9.6 - PHP Object Injection Vulnerability |
| CVE-2025-30775 | 2025-03-27 | WordPress WPGuppy plugin <= 1.1.3 - SQL Injection vulnerability |
| CVE-2025-30776 | 2025-03-27 | WordPress Sitekit <= 1.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30777 | 2025-03-27 | WordPress Support Genix <= 1.4.11 - Insecure Direct Object References (IDOR) Vulnerability |
| CVE-2025-30779 | 2025-03-27 | WordPress Doneren met Mollie <= 2.10.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30780 | 2025-03-27 | WordPress Audio Album <= 1.5.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30781 | 2025-03-27 | WordPress Scheduled & Automatic Order Status Controller for WooCommerce <= 3.7.1 - Open Redirection Vulnerability |
| CVE-2025-30783 | 2025-03-27 | WordPress WP Google Review Slider plugin <= 16.0 - CSRF to SQL Injection vulnerability |
| CVE-2025-30784 | 2025-03-27 | WordPress WP Subscription Forms <= 1.2.3 - SQL Injection Vulnerability |
| CVE-2025-30785 | 2025-03-27 | WordPress Subscribe to Download Lite <= 1.2.9 - Local File Inclusion Vulnerability |
| CVE-2025-30786 | 2025-03-27 | WordPress Quotes llama <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30787 | 2025-03-27 | WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to Stored XSS vulnerability |
| CVE-2025-30788 | 2025-03-27 | WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to SQL Injection vulnerability |
| CVE-2025-30789 | 2025-03-27 | WordPress Clearout Email Validator <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30790 | 2025-03-27 | WordPress Chatbox Manager <= 1.2.2 - Broken Access Control Vulnerability |
| CVE-2025-30791 | 2025-03-27 | WordPress Cart tracking for WooCommerce plugin <= 1.0.16 - SQL Injection Vulnerability |
| CVE-2025-30792 | 2025-03-27 | WordPress Comment Approved Notifier Extended plugin <= 5.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30795 | 2025-03-27 | WordPress Automation By Autonami plugin <= 3.5.1 - Open Redirection vulnerability |
| CVE-2025-30799 | 2025-03-27 | WordPress WP Google Street View plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30800 | 2025-03-27 | WordPress Gum Elementor Addon plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30801 | 2025-03-27 | WordPress TWB Woocommerce Reviews plugin <= 1.7.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30803 | 2025-03-27 | WordPress Just Writing Statistics plugin <= 5.3 - Broken Access Control vulnerability |
| CVE-2025-30804 | 2025-03-27 | WordPress wpShopGermany IT-RECHT KANZLEI plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30805 | 2025-03-27 | WordPress Flexible Cookies plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30806 | 2025-03-27 | WordPress Vimeotheque plugin <= 2.3.4.2 - SQL Injection vulnerability |
| CVE-2025-30809 | 2025-03-27 | WordPress WordPress Contact Form, Drag and Drop Form Builder Plugin – Live Forms plugin <= 4.8.4 - Settings Change vulnerability |
| CVE-2025-30810 | 2025-03-27 | WordPress Lead Form Data Collection to CRM plugin <= 3.0.1 - SQL Injection vulnerability |
| CVE-2025-30811 | 2025-03-27 | WordPress ValidateCertify plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30812 | 2025-03-27 | WordPress SKT Addons for Elementor plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30813 | 2025-03-27 | WordPress Listamester plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30814 | 2025-03-27 | WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability |
| CVE-2025-30815 | 2025-03-27 | WordPress Hesabfa Accounting plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30816 | 2025-03-27 | WordPress publish post email notification plugin <= 1.0.2.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability |
| CVE-2025-30817 | 2025-03-27 | WordPress Z Companion plugin <= 1.0.13 - Broken Access Control vulnerability |
| CVE-2025-30818 | 2025-03-27 | WordPress jAlbum Bridge plugin <= 2.0.17 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30819 | 2025-03-27 | WordPress Simple Giveaways plugin <= 2.48.1 - SQL Injection vulnerability |
| CVE-2025-30820 | 2025-03-27 | WordPress WishSuite plugin <= 1.4.4 - Local File Inclusion Vulnerability |
| CVE-2025-30821 | 2025-03-27 | WordPress SNORDIAN's H5PxAPIkatchu plugin <= 0.4.14 - Broken Access Control vulnerability |
| CVE-2025-30822 | 2025-03-27 | WordPress Custom Login Logo Plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30823 | 2025-03-27 | WordPress Anthologize Plugin <= 0.8.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30824 | 2025-03-27 | WordPress Textmetrics plugin <= 3.6.1 - Broken Access Control vulnerability |
| CVE-2025-30826 | 2025-03-27 | WordPress IP Locator plugin <= 4.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30828 | 2025-03-27 | WordPress Timetics plugin <= 1.0.29 - Broken Access Control vulnerability |
| CVE-2025-30829 | 2025-03-27 | WordPress WPCafe plugin <= 2.2.31 - Local File Inclusion vulnerability |
| CVE-2025-30830 | 2025-03-27 | WordPress Cool Author Box plugin <= 2.9.9 - Broken Access Control vulnerability |
| CVE-2025-30831 | 2025-03-27 | WordPress Themify Event Post Plugin <= 1.3.2 - Local File Inclusion vulnerability |
| CVE-2025-30832 | 2025-03-27 | WordPress Themify Event Post Plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30833 | 2025-03-27 | WordPress Verge3D Publishing and E-Commerce Plugin <= 4.8.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30836 | 2025-03-27 | WordPress LatePoint plugin <= 5.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30838 | 2025-03-27 | WordPress Cozy Blocks plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30839 | 2025-03-27 | WordPress Taxi Booking Manager for WooCommerce plugin <= 1.2.1 - Broken Access Control vulnerability |
| CVE-2025-30842 | 2025-03-27 | WordPress Christmas Panda plugin <= 1.0.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30843 | 2025-03-27 | WordPress bizcalendar-web plugin <= 1.1.0.34 - SQL Injection vulnerability |
| CVE-2025-30845 | 2025-03-27 | WordPress The Pack Elementor addons plugin <= 2.1.1 - Local File Inclusion vulnerability |
| CVE-2025-30846 | 2025-03-27 | WordPress Restaurant Menu by MotoPress plugin <= 2.4.4 - Local File Inclusion vulnerability |
| CVE-2025-30847 | 2025-03-27 | WordPress Novelist plugin <= 1.2.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30850 | 2025-03-27 | WordPress Dr. Flex plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30851 | 2025-03-27 | WordPress Tickera plugin <= 3.5.5.2 - Broken Access Control vulnerability |
| CVE-2025-30854 | 2025-03-27 | WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30856 | 2025-03-27 | WordPress Custom Field For WP Job Manager plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30857 | 2025-03-27 | WordPress Currency Switcher for WooCommerce plugin <= 0.0.7 - CSRF to Stored XSS vulnerability |
| CVE-2025-30859 | 2025-03-27 | WordPress AliNext plugin <= 3.5.1 - Open Redirection vulnerability |
| CVE-2025-30860 | 2025-03-27 | WordPress Off-Canvas Sidebars & Menus (Slidebars) plugin <= 0.5.8.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-30861 | 2025-03-27 | WordPress Five Star Restaurant Reservations plugin <= 2.6.29 - Broken Access Control vulnerability |
| CVE-2025-30862 | 2025-03-27 | WordPress reCAPTCHA for all plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30863 | 2025-03-27 | WordPress Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30864 | 2025-03-27 | WordPress Exchange Rates plugin <= 1.2.2 - Broken Access Control vulnerability |
| CVE-2025-30865 | 2025-03-27 | WordPress 3DPrint Lite plugin <= 2.1.3.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30866 | 2025-03-27 | WordPress Terms & Conditions Per Product plugin <= 1.2.15 - Broken Access Control Vulnerability |
| CVE-2025-30867 | 2025-03-27 | WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30868 | 2025-03-27 | WordPress Team Manager plugin <= 2.1.23 - Local File Inclusion Vulnerability |
| CVE-2025-30871 | 2025-03-27 | WordPress WP Travel Engine plugin <= 6.3.5 - Local File Inclusion vulnerability |
| CVE-2025-30872 | 2025-03-27 | WordPress Product Author for WooCommerce plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-30873 | 2025-03-27 | WordPress Greenshift plugin <= 11.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-30874 | 2025-03-27 | WordPress Specific Content For Mobile plugin <= 0.5.3 - Broken Access Control vulnerability |
| CVE-2025-30877 | 2025-03-27 | WordPress Quiz Cat plugin <= 3.0.8 - Broken Access Control vulnerability |
| CVE-2025-30879 | 2025-03-27 | WordPress MC Woocommerce Wishlist plugin <= 1.8.9 - SQL Injection vulnerability |
| CVE-2025-30881 | 2025-03-27 | WordPress Big Store theme <= 2.0.8 - Broken Access Control vulnerability |