CVE List - 2025 / April
Showing 801 - 900 of 4038 CVEs for April 2025 (Page 9 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-22281 | 2025-04-04 | WordPress Simplish theme <= 2.6.4 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22285 | 2025-04-04 | WordPress Pallet Packaging for WooCommerce Plugin <= 1.1.15 - Broken Access Control vulnerability |
| CVE-2025-3249 | 2025-04-04 | TOTOLINK A6000R mtkwifi.lua apcli_cancel_wps command injection |
| CVE-2025-27520 | 2025-04-04 | BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization |
| CVE-2025-31130 | 2025-04-04 | gitoxide does not detect SHA-1 collision attacks |
| CVE-2025-31480 | 2025-04-04 | aiven-extras allows PostgreSQL Privilege Escalation through format function |
| CVE-2025-3250 | 2025-04-04 | elunez eladmin Maintenance Management Module testConnect deserialization |
| CVE-2025-3251 | 2025-04-04 | xujiangfei admintwo updateSet cross site scripting |
| CVE-2025-3252 | 2025-04-04 | xujiangfei admintwo add cross site scripting |
| CVE-2025-3253 | 2025-04-04 | xujiangfei admintwo insertTree cross site scripting |
| CVE-2025-0468 | 2025-04-04 | GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA) |
| CVE-2025-25178 | 2025-04-04 | GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory |
| CVE-2025-32112 | 2025-04-04 | WordPress Sidebar Manager Light plugin <= 1.1.8 - CSRF to Stored XSS vulnerability |
| CVE-2025-32113 | 2025-04-04 | WordPress Libro de Reclamaciones y Quejas plugin <= 0.9 - CSRF to Stored XSS vulnerability |
| CVE-2025-32118 | 2025-04-04 | WordPress CMP – Coming Soon & Maintenance plugin <= 4.1.13 - Remote Code Execution (RCE) vulnerability |
| CVE-2025-32120 | 2025-04-04 | WordPress Easy Query – WP Query Builder <= 2.0.4 - SQL Injection Vulnerability |
| CVE-2025-32121 | 2025-04-04 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.3 - SQL Injection vulnerability |
| CVE-2025-32122 | 2025-04-04 | WordPress uListing plugin <= 2.1.9 - SQL Injection vulnerability |
| CVE-2025-32124 | 2025-04-04 | WordPress Behance Portfolio Manager plugin <=1.7.4 - SQL Injection vulnerability |
| CVE-2025-32125 | 2025-04-04 | WordPress Silvasoft boekhouden Plugin <= 3.0.1 - SQL Injection vulnerability |
| CVE-2025-32126 | 2025-04-04 | WordPress Pay with Contact Form 7 Plugin <= 1.0.4 - SQL Injection vulnerability |
| CVE-2025-32127 | 2025-04-04 | WordPress onOffice for WP-Websites plugin <= 5.7 - SQL Injection vulnerability |
| CVE-2025-32129 | 2025-04-04 | WordPress Welcome Bar plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32130 | 2025-04-04 | WordPress Posts Footer Manager plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-32131 | 2025-04-04 | WordPress Social Intents plugin <= 1.6.14 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-32132 | 2025-04-04 | WordPress FunnelCockpit Plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32133 | 2025-04-04 | WordPress Secure Copy Content Protection and Content Locking plugin <= 4.5.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32134 | 2025-04-04 | WordPress URL Shortify Plugin <= 1.10.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32135 | 2025-04-04 | WordPress Split Test For Elementor plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32136 | 2025-04-04 | WordPress ActiveCampaign Plugin <= 8.1.16 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32137 | 2025-04-04 | WordPress s2Member plugin <= 250214 - Local File Inclusion vulnerability |
| CVE-2025-32138 | 2025-04-04 | WordPress Easy Google Maps plugin <= 1.11.17 - XML External Entity vulnerability |
| CVE-2025-32141 | 2025-04-04 | WordPress MasterStudy LMS plugin <= 3.5.23 - Local File Inclusion vulnerability |
| CVE-2025-32142 | 2025-04-04 | WordPress Motors plugin <= 1.4.65 - Local File Inclusion vulnerability |
| CVE-2025-32146 | 2025-04-04 | WordPress JS Job Manager plugin <= 2.0.2 - Local File Inclusion vulnerability |
| CVE-2025-32147 | 2025-04-04 | WordPress Easy WP Optimizer Plugin <= 1.1.0 - Broken Access Control vulnerability |
| CVE-2025-32148 | 2025-04-04 | WordPress Daisycon prijsvergelijkers plugin <= 4.8.4 - SQL Injection vulnerability |
| CVE-2025-32149 | 2025-04-04 | WordPress teachPress plugin <= 9.0.11 - SQL Injection vulnerability |
| CVE-2025-32150 | 2025-04-04 | WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability |
| CVE-2025-32151 | 2025-04-04 | WordPress BuddyForms Plugin <= 2.8.15 - Local File Inclusion vulnerability |
| CVE-2025-32152 | 2025-04-04 | WordPress Slider a SlidersPack Plugin <= 2.3 - Local File Inclusion vulnerability |
| CVE-2025-32153 | 2025-04-04 | WordPress VG WooCarousel plugin <= 1.3 - Local File Inclusion vulnerability |
| CVE-2025-32154 | 2025-04-04 | WordPress Catch Dark Mode plugin <= 1.2.1 - Local File Inclusion vulnerability |
| CVE-2025-32155 | 2025-04-04 | WordPress Beds24 Online Booking plugin <= 2.0.26 - Local File Inclusion vulnerability |
| CVE-2025-32156 | 2025-04-04 | WordPress Just Post Preview Widget plugin <= 1.1.1 - Local File Inclusion vulnerability |
| CVE-2025-32157 | 2025-04-04 | WordPress Sparkle Elementor Kit plugin <= 2.0.9 - Local File Inclusion vulnerability |
| CVE-2025-32159 | 2025-04-04 | WordPress Radius Blocks plugin <= 2.2.1 - Local File Inclusion vulnerability |
| CVE-2025-32161 | 2025-04-04 | WordPress Arkhe Blocks <= 2.27.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-32162 | 2025-04-04 | WordPress Chamber Dashboard Business Directory plugin <= 3.3.11 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32163 | 2025-04-04 | WordPress Xpro Elementor Addons plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32165 | 2025-04-04 | WordPress Doppler Forms plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32166 | 2025-04-04 | WordPress Emma for WordPress plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32167 | 2025-04-04 | WordPress SurveyJS plugin <= 1.12.20 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32168 | 2025-04-04 | WordPress Gutenify plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32169 | 2025-04-04 | WordPress Showeblogin Social plugin <= 7.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32170 | 2025-04-04 | WordPress Motors plugin <= 1.4.65 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32171 | 2025-04-04 | WordPress Table Block by Tableberg – Best WordPress Table Plugin plugin <= 0.6.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32172 | 2025-04-04 | WordPress YaMaps for WordPress plugin <= 0.6.31 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32173 | 2025-04-04 | WordPress B Blocks - The ultimate block collection plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32174 | 2025-04-04 | WordPress Tockify Events Calendar plugin <= 2.2.13 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32175 | 2025-04-04 | WordPress VK Filter Search plugin <= 2.14.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32176 | 2025-04-04 | WordPress Gallery Blocks with Lightbox plugin <= 3.2.5 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32177 | 2025-04-04 | WordPress Embed Chessboard plugin <= 3.07.00 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32179 | 2025-04-04 | WordPress Maps for WP Plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32181 | 2025-04-04 | WordPress Search, Filters & Merchandising for WooCommerce plugin <= 3.0.57 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32182 | 2025-04-04 | WordPress Spider Elements – Addons for Elementor plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32183 | 2025-04-04 | WordPress Video Playlist For YouTube plugin <= 6.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32184 | 2025-04-04 | WordPress Ultimate Store Kit Elementor Addons plugin <= 2.4.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32185 | 2025-04-04 | WordPress Colibri Page Builder plugin <= 1.0.319 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32186 | 2025-04-04 | WordPress Turbo Addons for Elementor plugin <= 1.7.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32187 | 2025-04-04 | WordPress Administrator Z plugin <= 2025.03.04 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32188 | 2025-04-04 | WordPress Advanced Woo Labels plugin <= 2.14 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32189 | 2025-04-04 | WordPress BWD Elementor Addons plugin <= 4.3.20 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32190 | 2025-04-04 | WordPress Musician's Pack for Elementor plugin <= 1.8.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32191 | 2025-04-04 | WordPress News Element Elementor Blog Magazine plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32192 | 2025-04-04 | WordPress Ultra Addons Lite for Elementor plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32193 | 2025-04-04 | WordPress Simple WP Events plugin <= 1.8.17 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32194 | 2025-04-04 | WordPress LA-Studio Element Kit for Elementor plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32195 | 2025-04-04 | WordPress Ecwid Shopping Cart plugin <= 7.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32196 | 2025-04-04 | WordPress News Kit Elementor Addons plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32197 | 2025-04-04 | WordPress Piotnet Addons For Elementor plugin <= 2.4.34 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32201 | 2025-04-04 | WordPress Xpro Theme Builder Plugin <= 1.2.8.3 - Broken Access Control vulnerability |
| CVE-2025-32203 | 2025-04-04 | WordPress Falling things Plugin <= 1.08 - SQL Injection vulnerability |
| CVE-2025-32204 | 2025-04-04 | WordPress Split Test For Elementor Plugin <= 1.8.2 - SQL Injection vulnerability |
| CVE-2025-32207 | 2025-04-04 | WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-32217 | 2025-04-04 | WordPress Ai Image Alt Text Generator for WP plugin <= 1.0.8 - Broken Access Control vulnerability |
| CVE-2025-32218 | 2025-04-04 | WordPress TableOn – WordPress Posts Table Filterable Plugin <= 1.0.4 - Broken Access Control vulnerability |
| CVE-2025-32219 | 2025-04-04 | WordPress eaSYNC plugin <= 1.3.19 - Broken Access Control vulnerability |
| CVE-2025-32220 | 2025-04-04 | WordPress Salon Booking System plugin <= 10.10.7 - Broken Access Control vulnerability |
| CVE-2025-32225 | 2025-04-04 | WordPress WP Event Manager plugin <= 3.1.47 - Broken Access Control vulnerability |
| CVE-2025-32226 | 2025-04-04 | WordPress Display product variations dropdown on shop page plugin <= 1.1.3 - Broken Access Control vulnerability |
| CVE-2025-32229 | 2025-04-04 | WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability |
| CVE-2025-32231 | 2025-04-04 | WordPress Bookingor plugin <= 1.0.6 - Broken Access Control vulnerability |
| CVE-2025-32232 | 2025-04-04 | WordPress StaffList plugin <= 3.2.6 - Broken Access Control vulnerability |
| CVE-2025-32233 | 2025-04-04 | WordPress Revive.so <= 2.0.3 - Broken Access Control vulnerability |
| CVE-2025-32234 | 2025-04-04 | WordPress AdMail plugin <= 1.7.0 - Broken Access Control vulnerability |
| CVE-2025-32235 | 2025-04-04 | WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability |
| CVE-2025-32237 | 2025-04-04 | WordPress MasterStudy LMS plugin <= 3.5.23 - Broken Access Control vulnerability |
| CVE-2025-32238 | 2025-04-04 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.2 - Sensitive Data Exposure vulnerability |
| CVE-2025-32241 | 2025-04-04 | WordPress Official CleverReach WooCommerce Integration Plugin <= 3.4.3 - CSRF to Settings Change vulnerability |