Lista CVE 2025/25xxx
CVE nel gruppo: 25xxx
CVE-2025-25092 (N/A)
CVE-2025-25093 (WordPress All push notification for WP plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25094 (WordPress Child Themes Helper plugin <= 2.2.7 - CSRF to Arbitrary File Deletion vulnerability)
CVE-2025-25095 (WordPress Breaking News Ticker plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25096 (WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability<)
CVE-2025-25097 (WordPress RSS in Page plugin <= 2.9.1 - Stored Cross Site Scripting (XSS) vulnerability)
CVE-2025-25098 (WordPress External “Video for Everybody” plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25099 (WordPress Links in Captions plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability)
CVE-2025-25100 (WordPress Appointment Buddy Widget By Accrete plugin <= 1.2. - Reflected Cross-Site Scripting vulnerability)
CVE-2025-25101 (WordPress Cazamba plugin <= 1.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25102 (WordPress Munk Sites plugin <= 1.0.7 - CSRF to Arbitrary Plugin Installation vulnerability)
CVE-2025-25103 (WordPress Yahoo BOSS Plugin <= 0.7 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25104 (WordPress Indeed API Plugin <= 0.5 - CSRF to Settings Change vulnerability)
CVE-2025-25105 (WordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerability)
CVE-2025-25106 (WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25107 (WordPress Starter Templates by FancyWP plugin <= 2.0.0 - CSRF to Arbitrary Plugin Installation vulnerability)
CVE-2025-25108 (WordPress OneStore Sites plugin <= 0.1.1 - CSRF to Arbitrary Plugin Installation vulnerability)
CVE-2025-25109 (WordPress SW Plus Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25110 (WordPress Vehicle Manager plugin <= 3.1 - Local File Inclusion vulnerability)
CVE-2025-25111 (WordPress Event Kikfyre plugin <= 2.1.8 - Broken Access Control vulnerability)
CVE-2025-25112 (WordPress WP Spell Check Plugin <= 9.21 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2025-25113 (WordPress Social Links plugin <= 1.2 - SQL Injection vulnerability)
CVE-2025-25114 (WordPress Implied Cookie Consent plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25115 (WordPress User Role plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25116 (WordPress Like dislike plus counter plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25117 (WordPress Link to URL / Post plugin <=1.3 - SQL Injection vulnerability)
CVE-2025-25118 (WordPress Smart Countdown FX plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25119 (WordPress WPOptin plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25120 (WordPress Woocommerce osCommerce Sync plugin <= 2.0.20 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25121 (WordPress Slide Banners plugin <= 1.3 - Broken Access Control vulnerability)
CVE-2025-25122 (WordPress Theme Options Z Plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2025-25123 (WordPress WizShop Plugin <= 3.0.2 - Local File Inclusion vulnerability)
CVE-2025-25124 (WordPress Easy Related Posts plugin <= 2.0.2 - CSRF to Stored XSS vulnerability)
CVE-2025-25125 (WordPress Status Updater Plugin <= 9.21 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25126 (WordPress Fyrebox Quizzes plugin <= 2.7 - CSRF to Stored XSS vulnerability)
CVE-2025-25127 (WordPress ZMSEO plugin <= 1.14.1 - CSRF to Stored XSS vulnerability)
CVE-2025-25128 (WordPress Contact Us By Lord Linus Plugin <= 2.6 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25129 (WordPress Facilita Form Tracker plugin <= 1.0 - CSRF to Stored XSS vulnerability)
CVE-2025-25130 (WordPress Callback Request plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25131 (WordPress Delete Comments By Status plugin <= 1.5.3 - Local File Inclusion vulnerability)
CVE-2025-25132 (WordPress RJ Quickcharts plugin <= 0.6.1 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25133 (WordPress Visitor Details plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25134 (WordPress WP Frontend Submit Plugin <= 1.1.0 - Reflected Cross-Site Scripting vulnerability)
CVE-2025-25135 (WordPress Theme Demo Bar Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2025-25136 (WordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerability)
CVE-2025-25137 (WordPress Optimate Ads plugin <= 1.0.3 - Cross-Site Scripting (XSS) vulnerability)
CVE-2025-25138 (WordPress Social Links plugin <= 1.0.11 - Stored Cross-Site Scripting vulnerability)
CVE-2025-25139 (WordPress On Page SEO + Social Live Chat (Formerly OPS) plugin <= 2.0.0 - CSRF to Stored XSS vulnerability)
CVE-2025-25140 (WordPress WP Custom Post RSS Feed plugin <= 1.0.0 - CSRF to Stored XSS vulnerability)
CVE-2025-25141 (WordPress Simple User Profile plugin <= 1.9 - CSRF to Stored XSS vulnerability)
CVE-2025-25142 (WordPress Fami Sales Popup plugin <= 2.0.0 - Local File Inclusion vulnerability)
CVE-2025-25143 (WordPress WP Less Compiler plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability)
CVE-2025-25144 (WordPress GlobalQuran Plugin <= 1.0 - CSRF to Settings Change vulnerability)
CVE-2025-25145 (WordPress Theasys plugin <= 1.0.1 - CSRF to Stored XSS vulnerability)
CVE-2025-25146 (WordPress Infusionsoft Analytics Plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability)
CVE-2025-25147 (WordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2025-25148 (WordPress Auto SEO plugin <= 2.5.6 - CSRF to Stored XSS vulnerability)
CVE-2025-25149 (WordPress Read More Copy Link plugin <= 1.0.2 - CSRF to Stored XSS vulnerability)
CVE-2025-25150 (WordPress Login-box plugin <= 2.0.4 - CSRF to Stored XSS vulnerability)
CVE-2025-25151 (Directory Listings WordPress uListing plugin <= 2.1.6 - SQL Injection vulnerability)