CVE-2025-2616 – Yangyouwang CRUD Simplified Backend Management System Cross-Site Scripting Vulnerability

The following table lists the changes that have been made to the CVE-2025-2616 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 22, 2025 Action […]

CVE-2024-13666 – Fluent Forms IP Address Spoofing Vulnerability

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated […]

CVE-2025-2482 – WordPress Gesture-based Captcha Reflected Cross-Site Scripting

CVE ID: CVE-2025-2482
Published: March 22, 2025, 7:15 a.m. | 2 hours, 3 minutes ago
Description: The Gotcha | Gesture-based Captcha plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘menu’ parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible […]

CVE-2025-2479 – WordPress Easy Custom Admin Bar Reflected Cross-Site Scripting

CVE ID: CVE-2025-2479
Published: March 22, 2025, 7:15 a.m. | 2 hours, 3 minutes ago
Description: The Easy Custom Admin Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘msg’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible […]

CVE-2025-2478 – WordPress Code Clone SQL Injection Vulnerability

CVE ID: CVE-2025-2478
Published: March 22, 2025, 7:15 a.m. | 2 hours, 3 minutes ago
Description: The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation […]

CVE-2025-2477 – CryoKey WordPress Reflected Cross-Site Scripting Vulnerability

CVE ID: CVE-2025-2477
Published: March 22, 2025, 7:15 a.m. | 2 hours, 3 minutes ago
Description: The CryoKey plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ckemail’ parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers […]

CVE-2025-2303 – Block Logic – WordPress Full Gutenberg Block Display Control Remote Code Execution

The following table lists the changes that have been made to the CVE-2025-2303 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 22, 2025 Action […]

CVE-2025-1311 – WooCommerce Multivendor Marketplace – SQL Injection

CVE ID: CVE-2025-1311
Published: March 22, 2025, 7:15 a.m. | 2 hours, 3 minutes ago
Description: The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in the update_delivery_status() function in all versions up to, and including, 1.6.2 due to insufficient escaping on the user […]

CVE-2025-0807 – WordPress CITS Support Use Custom Fonts CSRF

CVE ID: CVE-2025-0807
Published: March 22, 2025, 7:15 a.m. | 2 hours, 3 minutes ago
Description: The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce […]