CVE-2025-1288 – WOOEXIM WordPress CSRF Reflected XSS
CVE ID: CVE-2025-1288
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack. […]
CVE-2025-1286 – WordPress TinyMCE Button Reflected Cross-Site Scripting
CVE ID: CVE-2025-1286
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The Download HTML TinyMCE Button WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE-2025-0688 – Spiritual Gifts Survey WordPress Reflected Cross-Site Scripting
CVE ID: CVE-2025-0688
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated […]
CVE-2025-1033 – Badgearoo WordPress Stored Cross-Site Scripting (XSS)
CVE ID: CVE-2025-1033
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The Badgearoo WordPress plugin through 1.0.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example […]
CVE-2025-0329 – WordPress AI ChatBot Stored Cross-Site Scripting Vulnerability
CVE ID: CVE-2025-0329
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is […]
CVE-2025-0687 – WordPress Spiritual Gifts Survey Reflected Cross-Site Scripting
CVE ID: CVE-2025-0687
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated […]
CVE-2024-9882 – Salon Booking System Stored Cross-Site Scripting Vulnerability
CVE ID: CVE-2024-9882
Published: May 15, 2025, 8:16 p.m. | 25 minutes ago
Description: The Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting […]
CVE-2025-4714 – Campcodes Sales and Inventory System SQL Injection Vulnerability
The following table lists the changes that have been made to the CVE-2025-4714 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 15, 2025 Action […]
CVE-2025-4713 – Campcodes Sales and Inventory System SQL Injection Vulnerability
The following table lists the changes that have been made to the CVE-2025-4713 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 15, 2025 Action […]
CVE-2025-4712 – Campcodes Sales and Inventory System SQL Injection Vulnerability
The following table lists the changes that have been made to the CVE-2025-4712 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 15, 2025 Action […]