1150 matches found
CVE-2025-23664
Cross-Site Request Forgery CSRF vulnerability in Real Seguro Viagem Real Seguro Viagem seguro-viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through = 2.0.5...
CVE-2025-23659
Cross-Site Request Forgery CSRF vulnerability in hernanjh MercadoLibre Integration mercadolibre-integration allows Stored XSS.This issue affects MercadoLibre Integration: from n/a through = 1.1...
CVE-2025-23872 WordPress PayForm plugin <= 2.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in payform PayForm payform allows Stored XSS.This issue affects PayForm: from n/a through = 2.0...
CVE-2025-23859 WordPress Daily Proverb plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jd7777 Daily Proverb daily-proverb allows Stored XSS.This issue affects Daily Proverb: from n/a through = 2.0.3...
WordPress RSS News Scroller plugin <= 2.0.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin RSS News Scroller versions = 2.0.0...
PT-2025-5156 · Unknown · Copyright Safeguard Footer Notice
Name of the Vulnerable Software and Affected Versions: Copyright Safeguard Footer Notice versions prior to 3.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on...
PT-2025-5061 · Unknown · Call Me Now
Name of the Vulnerable Software and Affected Versions: Call me Now versions n/a through 1.0.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and also...
PT-2025-4944 · Intuitive Design · Intuitive Design Gdreseller
Name of the Vulnerable Software and Affected Versions: Intuitive Design GDReseller versions prior to 1.6 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web applicatio...
PT-2025-4894 · Unknown · Vimal Ghorecha Rss News Scroller
Name of the Vulnerable Software and Affected Versions: Vimal Ghorecha RSS News Scroller versions prior to 2.0.0 Description: The issue is related to a Cross-Site Request Forgery CSRF problem that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a we...
PT-2025-5064 · Unknown · Mybb Last Topics
Name of the Vulnerable Software and Affected Versions: mybb Last Topics versions n/a through 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and...
PT-2025-5037 · Unknown · Schalk Burger Anonymize Links
Name of the Vulnerable Software and Affected Versions: Schalk Burger Anonymize Links versions n/a through 1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
PT-2025-5101 · Unknown · Style Admin
Name of the Vulnerable Software and Affected Versions: Style Admin versions n/a through 1.4.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web applicatio...
PT-2025-4872 · Go Social · Go Social
Name of the Vulnerable Software and Affected Versions: go Social versions n/a through 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on the web application, potentiall...
PT-2025-5045 · Unknown · Hack Me If You Can
Name of the Vulnerable Software and Affected Versions: Hack me if you can versions n/a through 1.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and...
PT-2025-5003 · Mfplugin · Mfplugin
Name of the Vulnerable Software and Affected Versions: MFPlugin versions n/a through 1.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and also stor...
PT-2025-5044 · Kapost · Kapost
Name of the Vulnerable Software and Affected Versions: Kapost versions n/a through 2.2.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that also allows Stored XSS. This means an attacker can perform actions on behalf of a user without their knowledge and can also injec...
PT-2025-4915 · WordPress · Wordpress Logging Service
Name of the Vulnerable Software and Affected Versions: WordPress Logging Service versions 1.5.4 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a...
PT-2025-5002 · Mercadolibre · Mercadolibre Integration
Name of the Vulnerable Software and Affected Versions: MercadoLibre Integration versions 1.1 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF problem that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
PT-2025-5060 · Unknown · Martijn Scheybeler Social Analytics
Name of the Vulnerable Software and Affected Versions: Martijn Scheybeler Social Analytics versions n/a through 0.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
PT-2025-5029 · Unknown · Shabbos/Yom Tov
Name of the Vulnerable Software and Affected Versions: Shabbos and Yom Tov versions 1.9 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...