Lista CVE 2025/25xxx

CVE nel gruppo: 25xxx

CVE-2025-25072 (N/A)

CVE-2025-25073 (WordPress WP Admin Custom Page plugin <= 1.5.0 - CSRF to Stored XSS vulnerability)

CVE-2025-25074 (WordPress Easy WP Tiles plugin <= 1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25075 (WordPress WP Social Stream plugin <= 1.1 - CSRF to Stored XSS vulnerability)

CVE-2025-25076 (WordPress Show notice or message on admin area plugin <= 2.0 - CSRF to Stored XSS vulnerability)

CVE-2025-25077 (WordPress Graceful Email Obfuscation plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25078 (WordPress Easy Chart Builder for WordPress plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-25079 (WordPress Google Earth Embed plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25080 (WordPress Simple Select All Text Box plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25081 (WordPress Kona Gallery Block plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-25082 (WordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerability)

CVE-2025-25083 (WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-25084 (WordPress EP4 More Embeds Plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-25085 (WordPress UniTimetable plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25086 (WordPress WP SimpleWeather plugin <= 0.2.5 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25087 (WordPress Secret Meta plugin <= 1.2.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25088 (WordPress seekXL Snapr plugin <= 2.0.6 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25089 (WordPress WP Keyword Monitor Plugin <=1.0.5 - CSRF to Stored XSS vulnerability)

CVE-2025-25090 (WordPress Image Rotator plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25091 (WordPress Dreamstime Stock Photos plugin <= 4.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25092 (WordPress NextGen Cooliris Gallery plugin <= 0.7 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25093 (WordPress All push notification for WP plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25094 (WordPress Child Themes Helper plugin <= 2.2.7 - CSRF to Arbitrary File Deletion vulnerability)

CVE-2025-25095 (WordPress Breaking News Ticker plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25096 (WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability<)

CVE-2025-25097 (WordPress RSS in Page plugin <= 2.9.1 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-25098 (WordPress External “Video for Everybody” plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25099 (WordPress Links in Captions plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-25100 (WordPress Appointment Buddy Widget By Accrete plugin <= 1.2. - Reflected Cross-Site Scripting vulnerability)

CVE-2025-25101 (WordPress Cazamba plugin <= 1.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25102 (WordPress Munk Sites plugin <= 1.0.7 - CSRF to Arbitrary Plugin Installation vulnerability)

CVE-2025-25103 (WordPress Yahoo BOSS Plugin <= 0.7 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25104 (WordPress Indeed API Plugin <= 0.5 - CSRF to Settings Change vulnerability)

CVE-2025-25105 (WordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerability)

CVE-2025-25106 (WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-25107 (WordPress Starter Templates by FancyWP plugin <= 2.0.0 - CSRF to Arbitrary Plugin Installation vulnerability)

CVE-2025-25108 (WordPress OneStore Sites plugin <= 0.1.1 - CSRF to Arbitrary Plugin Installation vulnerability)

CVE-2025-25109 (WordPress SW Plus Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-25110 (WordPress Vehicle Manager plugin <= 3.1 - Local File Inclusion vulnerability)

CVE-2025-25111 (WordPress Event Kikfyre plugin <= 2.1.8 - Broken Access Control vulnerability)