Pagina 3 – Azienda Sicura

Lista CVE 2025/22xxx

CVE nel gruppo: 22xxx

CVE-2025-22222 (N/A)

CVE-2025-22223 (VMware Aria Operations information disclosure vulnerability (CVE-2025-22222))

CVE-2025-22224 (N/A)

CVE-2025-22225 (N/A)

CVE-2025-22226 (N/A)

CVE-2025-22228 (N/A)

CVE-2025-22230 (CVE-2025-22228: Spring Security BCryptPasswordEncoder does not enforce maximum password length)

CVE-2025-22231 (Authentication bypass vulnerability)

CVE-2025-22260 (VMware Aria Operations updates address a local privilege escalation vulnerability (CVE-2025-22231))

CVE-2025-22261 (WordPress Meta Tag Manager plugin <= 3.1 - Broken Access Control vulnerability)

CVE-2025-22262 (WordPress WP FullCalendar plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22264 (WordPress Bonjour Bar plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22265 (WordPress WP Query Creator plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22267 (WordPress EMI Calculator plugin <= 1.1 - Settings Change vulnerability)

CVE-2025-22270 (WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22271 (Stored XSS in CyberArk Endpoint Privilege Manager)

CVE-2025-22272 (IP Spoofing in CyberArk Endpoint Privilege Manager)

CVE-2025-22273 (Self Reflected XSS in CyberArk Endpoint Privilege Manager)

CVE-2025-22274 (Lack of rate-limiting in password change mechanism in CyberArk Endpoint Privilege Manager)

CVE-2025-22275 (HTML injection in CyberArk Endpoint Privilege Manager)

CVE-2025-22276 (N/A)

CVE-2025-22277 (WordPress Related Post Shortcode Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22278 (WordPress Vitepos plugin <= 3.1.4 - Broken Authentication vulnerability)

CVE-2025-22280 (WordPress Whitish Lite theme <= 2.1.13 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-22283 (WordPress DefendWP Firewall Plugin <= 1.1.0 - Broken Access Control vulnerability)

CVE-2025-22284 (WordPress GetSocial Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22286 (WordPress LTL Freight Quotes – Unishippers Edition plugin <= 2.5.8 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22289 (WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.21 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22290 (WordPress LTL Freight Quotes – Unishippers Edition plugin <= 2.5.8 - Broken Access Control vulnerability)

CVE-2025-22291 (WordPress LTL Freight Quotes – FreightQuote Edition Plugin <= 2.3.11 - SQL Injection vulnerability)

CVE-2025-22292 (WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletion vulnerability)

CVE-2025-22293 (WordPress Powerful Auto Chat plugin <= 1.9.8 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22294 (WordPress Gutentor plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22295 (WordPress Custom Field For WP Job Manager plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22296 (WordPress Tripetto plugin <= 8.0.5 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22297 (WordPress Hash Elements plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22298 (WordPress AI WP Writer plugin <= 3.8.4.4 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-22299 (WordPress Hive Support plugin <= 1.1.6 - Broken Access Control vulnerability)

CVE-2025-22300 (WordPress AI for SEO plugin <= 1.2.9 - Broken Access Control vulnerability)

CVE-2025-22301 (WordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-22302 (WordPress MyBookTable Bookstore by Stormhill Media plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-22303 (WordPress WP Wand plugin <= 1.2.5 - Broken Access Control vulnerability)

CVE-2025-22304 (WordPress WP Mailster plugin <= 1.8.17.0 - Sensitive Data Exposure vulnerability)

CVE-2025-22305 (WordPress WP Visitor Statistics plugin <= 7.3 - Broken Access Control vulnerability)

CVE-2025-22306 (WordPress Hero Banner Ultimate plugin <= 1.4.2 - Local File Inclusion vulnerability)

CVE-2025-22307 (WordPress Link Whisper Free plugin <= 0.7.7 - Sensitive Data Exposure vulnerability)

CVE-2025-22308 (WordPress Product Table for WooCommerce plugin <= 3.5.6 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22309 (WordPress Smart Custom FIelds plugin <= 5.0.0 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22310 (WordPress SpeakOut! Email Petitions plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22311 (WordPress TemplatesNext ToolKit plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22312 (WordPress Private Messages for UserPro plugin <= 4.10.0 - Local File Inclusion vulnerability)

CVE-2025-22313 (WordPress Thim Elementor Kit plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22314 (WordPress Widgetize Pages Light plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22315 (WordPress Food Store plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22316 (WordPress Typing Text plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22317 (WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-22318 (WordPress Gallery Images Ape plugin <= 2.2.8 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-22319 (WordPress Standard Box Sizes plugin <= 1.6.13 - Broken Access Control vulnerability)

CVE-2025-22320 (WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability)

CVE-2025-22321 (WordPress ProductDyno plugin <= 1.0.24 - Cross Site Scripting (XSS) vulnerability)

Precedente Successivo