CVE-2025-47506

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Contextual Related Posts contextual-related-posts allows DOM-Based XSS.This issue affects Contextual Related Posts: from n/a through = 4.0.2...

CVE-2025-47604

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Inline Related Posts intelly-related-posts allows Stored XSS.This issue affects Inline Related Posts: from n/a through = 3.8.0...

CVE-2025-47484

Server-Side Request Forgery SSRF vulnerability in Oliver Campion Display Remote Posts Block display-remote-posts-block allows Server Side Request Forgery.This issue affects Display Remote Posts Block: from n/a through = 1.1.0...

CVE-2025-47636

Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion.This issue affects List category posts: from n/a through = 0.91.0...

CVE-2025-47514

Cross-Site Request Forgery CSRF vulnerability in Eli ELI's Related Posts Footer Links and Widget spostarbust allows Stored XSS.This issue affects ELI's Related Posts Footer Links and Widget: from n/a through = 1.2.04.20...

CVE-2025-4171

The WZ Followed Posts – Display what visitors are reading plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wfp' shortcode in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

CVE-2025-37884

creationtimestamp| type| source ---|---|--- 2025-05-09 07:25:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15689 2025-05-09 08:31:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lopz7yinkc2h 2025-05-09 09:21:35+00:00| seen|...

CVE-2025-46727

creationtimestamp| type| source ---|---|--- 2025-05-07 23:23:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15459 2025-05-08 00:27:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lomnoosfie2w 2025-05-08 00:57:27+00:00| seen|...

CVE-2025-47636

Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion.This issue affects List category posts: from n/a through = 0.91.0...

CVE-2025-47604

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Inline Related Posts intelly-related-posts allows Stored XSS.This issue affects Inline Related Posts: from n/a through = 3.8.0...

CVE-2025-47506

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Contextual Related Posts contextual-related-posts allows DOM-Based XSS.This issue affects Contextual Related Posts: from n/a through = 4.0.2...

CVE-2025-47484

Server-Side Request Forgery SSRF vulnerability in Oliver Campion Display Remote Posts Block display-remote-posts-block allows Server Side Request Forgery.This issue affects Display Remote Posts Block: from n/a through = 1.1.0...

CVE-2025-47636

CVE-2025-47636 describes a Path Traversal vulnerability in the WordPress plugin “List category posts” (component: list-category-posts) allowing PHP Local File Inclusion. Public documentation indicates the issue affects versions up to 0.91.0 (and possibly 0.90.x family as per PT-2025-20199), with ...

CVE-2025-47604 WordPress Inline Related Posts plugin <= 3.8.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Inline Related Posts intelly-related-posts allows Stored XSS.This issue affects Inline Related Posts: from n/a through = 3.8.0...

CVE-2025-47604 WordPress Inline Related Posts <= 3.8.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Migitation, Inc. Inline Related Posts allows Stored XSS. This issue affects Inline Related Posts: from n/a through 3.8.0...

CVE-2025-47604

CVE-2025-47604 concerns a Stored XSS vulnerability in the WordPress plugin Inline Related Posts by Data443 Risk Mitigation, Inc. The issue stems from improper neutralization of input during web page generation, affecting Inline Related Posts versions up to 3.8.0 . Public documents describe the vu...

CVE-2025-47514

CVE-2025-47514 affects the EZ Related Posts Footer Links and Widget WordPress plugin (versions

CVE-2025-47514 WordPress ELI's Related Posts Footer Links and Widget plugin <= 1.2.04.20 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Eli ELI's Related Posts Footer Links and Widget spostarbust allows Stored XSS.This issue affects ELI's Related Posts Footer Links and Widget: from n/a through = 1.2.04.20...

CVE-2025-47506

CVE-2025-47506 (WordPress Contextual Related Posts) is a DOM-based XSS caused by improper input neutralization during page generation, affecting Contextual Related Posts versions n/a–4.0.2. It is not an active exploit entry in public docs; a patch exists and upgrading to a version newer than 4.0....

CVE-2025-47506 WordPress Contextual Related Posts plugin <= 4.0.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Contextual Related Posts contextual-related-posts allows DOM-Based XSS.This issue affects Contextual Related Posts: from n/a through = 4.0.2...