CVE-2025-5147

creationtimestamp| type| source ---|---|--- 2025-05-25 11:43:21+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpylf24ajrv2 2025-05-25 11:45:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17506 2025-05-25...

CVE-2025-5119

creationtimestamp| type| source ---|---|--- 2025-05-23 21:45:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17475 2025-05-23 23:29:34+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpurw3j4mea2 2025-05-24...

CVE-2025-24916

creationtimestamp| type| source ---|---|--- 2025-05-23 16:46:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17423 2025-05-23 18:09:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpua2ab7wc2j 2025-05-23 23:29:35+00:00| seen|...

CVE-2025-46518

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phpaddicted IGIT Related Posts With Thumb Image After Posts igit-related-posts-with-thumb-images-after-posts allows Stored XSS.This issue affects IGIT Related Posts With Thumb Image After Posts: fr...

CVE-2025-46518

CVE-2025-46518 affects the WordPress plugin IGIT Related Posts With Thumb Images After Posts. The issue is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Affected: versions from n/a through 4.5.3. Impact: XSS payloads could...

CVE-2025-46518 WordPress IGIT Related Posts With Thumb Image After Posts plugin <= 4.5.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phpaddicted IGIT Related Posts With Thumb Image After Posts igit-related-posts-with-thumb-images-after-posts allows Stored XSS.This issue affects IGIT Related Posts With Thumb Image After Posts: fr...

CVE-2025-23963

Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...

CVE-2025-22734

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Posts Footer Manager intelly-posts-footer-manager allows Stored XSS.This issue affects Posts Footer Manager: from n/a through = 2.1.0...

CVE-2025-23764

Missing Authorization vulnerability in ujjavaljani Copy Move Posts copy-move-posts.This issue affects Copy Move Posts: from n/a through = 1.6...

CVE-2024-44036

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes allows Stored XSS.This issue affects Kodex Posts likes: from n/a through = 2.5.0...

CVE-2024-8713

The Kodex Posts likes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...

CVE-2024-7836

The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to missing checks on the duplicatepageajaxify function in all versions up to, and including, 7.6.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate...

CVE-2024-0421

The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts...

CVE-2024-3679

The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.002. This makes it possible for unauthenticated attackers to view limited information from password protected posts through the social meta data...

CVE-2024-33692

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3...

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajaxloadmore , eaelwoopaginationproductajax, and ajaxeaelproductgallery...

CVE-2024-31426

Cross-Site Request Forgery CSRF vulnerability in Data443 Inline Related Posts.This issue affects Inline Related Posts: from n/a through 3.3.1...

CVE-2024-1587

The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmaticfilterpostsloadtabcontent'. This makes it possible for unauthenticated attackers to view draft posts and post content...

CVE-2024-1642

The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.0.1. This is due to missing or incorrect nonce validation on the 'postingbulk' function. This makes it possible for...

CVE-2024-1489

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for unauthenticated attacker...