ReportizFlow
Filtered by vendor
Subscriptions
Total
8351 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0588 | 1 Strangerstudios | 1 Paid Memberships Pro | 2025-01-17 | 4.3 Medium |
| The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmpro_lifter_save_streamline_option() function. This makes it possible for unauthenticated attackers to enable the streamline setting with Lifter LMS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-23435 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in David Marcucci Password Protect Plugin for WordPress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through 0.8.1.0. | ||||
| CVE-2025-23501 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA allows Stored XSS.This issue affects Cookie Consent & Autoblock for GDPR/CCPA: from n/a through 1.0.1. | ||||
| CVE-2025-23508 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in EdesaC Extra Options – Favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through 1.1.0. | ||||
| CVE-2025-23499 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier Board Election allows Stored XSS.This issue affects Board Election: from n/a through 1.0.1. | ||||
| CVE-2025-23513 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Joshua Wieczorek Bible Embed allows Stored XSS.This issue affects Bible Embed: from n/a through 0.0.4. | ||||
| CVE-2025-23530 | 2025-01-17 | 8.8 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11. | ||||
| CVE-2025-23510 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Zaantar WordPress Logging Service allows Stored XSS.This issue affects WordPress Logging Service: from n/a through 1.5.4. | ||||
| CVE-2025-23566 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0. | ||||
| CVE-2025-23557 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2. | ||||
| CVE-2025-23572 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Martin Scharm UpDownUpDown allows Stored XSS.This issue affects UpDownUpDown: from n/a through 1.1. | ||||
| CVE-2025-23617 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Floatbox Plus allows Stored XSS.This issue affects Floatbox Plus: from n/a through 1.4.4. | ||||
| CVE-2025-23559 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5. | ||||
| CVE-2025-23618 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitter Shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through 0.9. | ||||
| CVE-2025-23659 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Hernan Javier Hegykozi MercadoLibre Integration allows Stored XSS.This issue affects MercadoLibre Integration: from n/a through 1.1. | ||||
| CVE-2025-23664 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Real Seguro Viagem Real Seguro Viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through 2.0.5. | ||||
| CVE-2025-23654 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Vinícius Krolow Twitter Post allows Stored XSS.This issue affects Twitter Post: from n/a through 0.1. | ||||
| CVE-2025-23691 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino García Send to Twitter allows Stored XSS.This issue affects Send to Twitter: from n/a through 1.7.2. | ||||
| CVE-2025-23673 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Don Kukral Email on Publish allows Stored XSS.This issue affects Email on Publish: from n/a through 1.5. | ||||
| CVE-2025-23677 | 2025-01-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in DSmidgy HTTP to HTTPS link changer by Eyga.net allows Stored XSS.This issue affects HTTP to HTTPS link changer by Eyga.net: from n/a through 0.2.4. | ||||