Pagina 2 – Azienda Sicura

Lista CVE 2025/28xxx

CVE-2025-28856 (WordPress Teleport plugin <= 1.2.4 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28857 (WordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28858 (WordPress Rankchecker.io Integration plugin <= 1.0.9 - CSRF to Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-28859 (WordPress Arrow Maps plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28860 (WordPress Maintenance Notice plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28861 (WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability)

CVE-2025-28862 (WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability)

CVE-2025-28863 (WordPress Comment Date and Gravatar remover plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28864 (WordPress Delete Original Image plugin <= 0.4 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28865 (WordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28866 (WordPress WP Colorful Tag Cloud plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28867 (WordPress Login Logger plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28868 (WordPress Frontpage category filter plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28869 (WordPress ZipList Recipe plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28870 (WordPress NextGEN Gallery Voting plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28871 (WordPress amoCRM WebForm plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28872 (WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28873 (WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerability)

CVE-2025-28874 (WordPress Shuffle plugin <= 0.5 - SQL Injection vulnerability)

CVE-2025-28875 (WordPress BP Email Assign Templates By shanebp plugin <= 1.6 - Arbitrary Content Deletion vulnerability)

CVE-2025-28876 (WordPress BP Email Assign Templates By shanebp plugin <= 1.6 - Cross-Site Scripting vulnerability)

CVE-2025-28877 (WordPress Skrill Official plugin <= 1.0.65 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28878 (WordPress Key4ce osTicket Bridge plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28879 (WordPress Awesome Surveys plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28880 (WordPress Bee Layer Slider plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28881 (WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28882 (WordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28883 (WordPress Omnify plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28884 (WordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerability)

CVE-2025-28885 (WordPress WP Bulk Post Duplicator plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28886 (WordPress Fiverr.com Official Search Box plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28887 (WordPress REST API TO MiniProgram plugin <= 4.7.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28889 (WordPress Plugins Last Updated Column plugin <= 0.1.3 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28890 (WordPress Custom Product Stickers for Woocommerce plugin <= 1.9.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28891 (WordPress Lightview Plus plugin <= 3.1.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28892 (WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability)