Pagina 3 – Azienda Sicura

Lista CVE 2025/28xxx

CVE nel gruppo: 28xxx

CVE-2025-28872 (N/A)

CVE-2025-28873 (WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerability)

CVE-2025-28874 (WordPress Shuffle plugin <= 0.5 - SQL Injection vulnerability)

CVE-2025-28875 (WordPress BP Email Assign Templates By shanebp plugin <= 1.6 - Arbitrary Content Deletion vulnerability)

CVE-2025-28876 (WordPress BP Email Assign Templates By shanebp plugin <= 1.6 - Cross-Site Scripting vulnerability)

CVE-2025-28877 (WordPress Skrill Official plugin <= 1.0.65 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28878 (WordPress Key4ce osTicket Bridge plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28879 (WordPress Awesome Surveys plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28880 (WordPress Bee Layer Slider plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28881 (WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28882 (WordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28883 (WordPress Omnify plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28884 (WordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerability)

CVE-2025-28885 (WordPress WP Bulk Post Duplicator plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28886 (WordPress Fiverr.com Official Search Box plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28887 (WordPress REST API TO MiniProgram plugin <= 4.7.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28889 (WordPress Plugins Last Updated Column plugin <= 0.1.3 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28890 (WordPress Custom Product Stickers for Woocommerce plugin <= 1.9.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28891 (WordPress Lightview Plus plugin <= 3.1.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28892 (WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability)

CVE-2025-28893 (WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability)

CVE-2025-28894 (WordPress Visual Text Editor plugin <= 1.2.1 - Remote Code Execution (RCE) vulnerability)

CVE-2025-28895 (WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability)

CVE-2025-28896 (WordPress Custom top bar plugin <= 2.0.2 - CSRF to Stored XSS vulnerability)

CVE-2025-28897 (WordPress AS English Admin plugin <= 1.0.0 - Open Redirection vulnerability)

CVE-2025-28898 (WordPress Domain Theme plugin <= 1.3 - CSRF to Stored XSS vulnerability)

CVE-2025-28899 (WordPress WP Multistore Locator plugin <= 2.5.2 - SQL Injection vulnerability)

CVE-2025-28900 (WordPress WP Event Ticketing plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28901 (WordPress TabGarb Pro plugin <= 2.6 - CSRF to Stored XSS vulnerability)

CVE-2025-28902 (WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability)

CVE-2025-28903 (WordPress Contact Form 7 Select Box Editor Button plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28904 (WordPress Driving Directions plugin <= 1.4.4 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28905 (WordPress Web Directory Free plugin <= 1.7.6 - SQL Injection vulnerability)

CVE-2025-28906 (WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability)

CVE-2025-28907 (WordPress Skitter Slideshow plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28908 (WordPress WP Last Modified plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28909 (WordPress pipDisqus plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28910 (WordPress WP No-Bot Question plugin <= 0.1.7 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28911 (WordPress WP Hide Admin Bar plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28912 (WordPress Gravity 2 PDF plugin <= 3.1.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28913 (WordPress Custom Dashboard Page plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28914 (WordPress WP Add Active Class To Menu Item plugin <=1.0 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28915 (WordPress wordpress login form to anywhere plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28916 (WordPress ThemeEgg ToolKit plugin <= 1.2.9 - Arbitrary File Upload vulnerability)

CVE-2025-28917 (WordPress Docpro plugin <= 2.0.1 - Local File Inclusion vulnerability)

CVE-2025-28918 (WordPress Custom Smilies plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28919 (WordPress Featured Image Thumbnail Grid plugin <= 6.6.1 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28920 (WordPress Easy Image Display plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28921 (WordPress Responsive Google Map plugin <= 3.1.5 - Broken Access Control vulnerability)

CVE-2025-28922 (WordPress SpatialMatch IDX plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28923 (WordPress Go To Top plugin <= 0.0.8 - CSRF to Stored XSS vulnerability)

CVE-2025-28924 (WordPress No Disposable Email plugin <= 2.5.1 - CSRF to Stored XSS vulnerability)

CVE-2025-28925 (WordPress ZenphotoPress plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28926 (WordPress WATI Chat and Notification plugin <= 1.1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-28927 (WordPress Post Read Time plugin <= 1.2.6 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2025-28928 (WordPress Display Template Name plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerability)

CVE-2025-28929 (WordPress Are you robot google recaptcha for WordPress plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2025-28930 (WordPress Tabbed Login Widget plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28931 (WordPress List Mixcloud plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability)

CVE-2025-28932 (WordPress WordPress Hashtags plugin <= 0.3.2 - CSRF to Stored XSS vulnerability)

Precedente Successivo