The following table lists the changes that have been made to the CVE-2025-20884 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Feb. 04, 2025 Action […]
CVE ID : CVE-2025-0466 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak sensei_email and sensei_message Information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, […]
CVE ID : CVE-2025-0368 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The Banner Garden Plugin for WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE ID : CVE-2024-13332 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The TransFinanz WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: 0.0 […]
CVE ID : CVE-2024-13331 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin […]
CVE ID : CVE-2024-13330 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The JustRows free WordPress plugin through 0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: […]
CVE ID : CVE-2024-13329 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The Solidres WordPress plugin through 0.9.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: 0.0 […]
CVE ID : CVE-2024-13328 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The Giga Messenger WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: […]
CVE ID : CVE-2024-13327 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: 0.0 […]
CVE ID : CVE-2024-13326 Published : Feb. 4, 2025, 6:15 a.m. | 35 minutes ago Description : The iBuildApp WordPress plugin through 0.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: 0.0 […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
