920 matches found
CVE-2025-31905
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: from n/a through = 4.7...
CVE-2025-31903
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xavi Ivars XV Random Quotes xv-random-quotes allows Reflected XSS.This issue affects XV Random Quotes: from n/a through = 2.0.0...
CVE-2025-31911
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows Blind SQL Injection.This issue affects Social Share And Social Locker: from n/a through = 1.4.2...
CVE-2025-30554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abhishek Kumar Frizzly frizzly allows Reflected XSS.This issue affects Frizzly: from n/a through = 1.1.0...
CVE-2025-31454
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arefly Delete Post Revision delete-post-revision allows Reflected XSS.This issue affects Delete Post Revision: from n/a through = 1.1...
CVE-2025-31461
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mayeenul Islam NanoSupport nanosupport allows Reflected XSS.This issue affects NanoSupport: from n/a through = 0.6.0...
CVE-2025-31911
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows Blind SQL Injection.This issue affects Social Share And Social Locker: from n/a through = 1.4.2...
CVE-2025-31905
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: from n/a through = 4.7...
CVE-2025-31902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows Reflected XSS.This issue affects Social Share And Social Locker: from n/a through = 1.4.1...
CVE-2025-31903
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xavi Ivars XV Random Quotes xv-random-quotes allows Reflected XSS.This issue affects XV Random Quotes: from n/a through = 2.0.0...
CVE-2025-31898
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dustinscarberry MediaView mediaview allows Reflected XSS.This issue affects MediaView: from n/a through = 1.1.2...
CVE-2025-31442
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e1tekoap42 Search engine keywords highlighter keywords-highlight-tool allows Reflected XSS.This issue affects Search engine keywords highlighter: from n/a through = 0.1.3...
CVE-2025-31467
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miro.mannino Flickr Photostream flickr-photostream allows Reflected XSS.This issue affects Flickr Photostream: from n/a through = 3.1.8...
CVE-2025-31468
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottsm WPIdenticon wp-identicon allows Reflected XSS.This issue affects WPIdenticon: from n/a through = 2.0...
CVE-2025-30596
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in tstafford include-file include-file allows Path Traversal.This issue affects include-file: from n/a through = 1...
CVE-2025-30616
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Wood Latest Custom Post Type Updates latest-custom-post-type-updates allows Reflected XSS.This issue affects Latest Custom Post Type Updates: from n/a through = 1.3.0...
CVE-2025-30611
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wptobe Wptobe-signinup wptobe-signinup allows Reflected XSS.This issue affects Wptobe-signinup: from n/a through = 1.1.2...
CVE-2025-31911
CVE-2025-31911 describes an unauthenticated SQL Injection in the WordPress plugin Social Share And Social Locker (ARSocial) affecting versions up to 1.4.2. Root cause: improper neutralization of input used in SQL commands. Reported impact per the entry is total confidentiality breach with high im...
CVE-2025-31905
CVE-2025-31905 is a Reflected XSS in the WordPress plugin Team Rosters (NotFound) affecting versions up to and including 4.7 . The issue is caused by improper input neutralization during web page generation. Exploitation status or exact payloads are not detailed in the provided documents. No reme...
CVE-2025-31903
CVE-2025-31903 affects the XV Random Quotes WordPress plugin (versions up to 1.37). The issue is a Reflected XSS caused by improper input neutralization during web page generation. Public details include CVSS 3.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) with base score 7.1 (HIGH). The Initial Descri...