CVE-2025-31570

CVE-2025-31570 involves a CSRF to Stored XSS in the WordPress plugin “Related Posts Widget with Thumbnails” (listed as Advanced CSS3 Related Posts Widget). Public description states the issue affects the plugin from version n/a up to 1.2, implying all releases ≤1.2 are affected. The CVSS metrics ...

CVE-2025-31570 WordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in wp-buy Related Posts Widget with Thumbnails advanced-css3-related-posts-widget allows Stored XSS.This issue affects Related Posts Widget with Thumbnails: from n/a through = 1.2...

CVE-2025-31125

creationtimestamp| type| source ---|---|--- 2025-03-31 10:12:27+00:00| published-proof-of-concept| https://github.com/vitejs/vite/security/advisories/GHSA-4r4m-qw57-chr8 2025-03-31 17:30:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9702 2025-03-31 21:43:14+00:00|...

CVE-2025-2966

creationtimestamp| type| source ---|---|--- 2025-03-31 00:33:19+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9561 2025-03-31 03:17:35+00:00| seen| https://t.me/cvedetector/21527 2025-08-23 14:58:27+00:00| seen|...

CVE-2025-30223

creationtimestamp| type| source ---|---|--- 2025-03-30 11:27:47+00:00| published-proof-of-concept| https://github.com/beego/beego/security/advisories/GHSA-2j42-h78h-q4fg 2025-03-31 16:33:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9693 2025-03-31 17:40:22+00:00|...

CVE-2025-31094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Stored XSS.This issue affects WP Posts Carousel: from n/a through = 1.3.8...

CVE-2025-30920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Stored XSS.This issue affects WP Posts Carousel: from n/a through = 1.3.7...

CVE-2025-29928

creationtimestamp| type| source ---|---|--- 2025-03-28 17:45:17+00:00| seen| https://t.me/cvedetector/21438 2025-03-29 12:02:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114245613865183165 2025-03-29 12:02:03+00:00| seen|...

WordPress WP Posts Carousel plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by astra.r3verii in WordPress Plugin WP Posts Carousel versions = 1.3.8...

CVE-2025-31094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Stored XSS.This issue affects WP Posts Carousel: from n/a through = 1.3.8...

CVE-2025-31094 WordPress WP Posts Carousel <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.8...

CVE-2025-31094

CVE-2025-31094 affects WP Posts Carousel (WordPress plugin). Affected versions: up to 1.3.8. Type of vulnerability: Stored Cross-Site Scripting due to improper input neutralization during web page generation. Impact: enables attacker to execute scripts in a user’s browser when visiting crafted pa...

CVE-2025-31094 WordPress WP Posts Carousel plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Stored XSS.This issue affects WP Posts Carousel: from n/a through = 1.3.8...

CVE-2025-31103

creationtimestamp| type| source ---|---|--- 2025-03-28 08:20:31+00:00| seen| https://bsky.app/profile/andranglin.bsky.social/post/3llgez67qe22e 2025-03-28 08:53:59+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3llggv2r4eo2x 2025-03-29 21:02:04+00:00| seen|...

CVE-2025-22398

creationtimestamp| type| source ---|---|--- 2025-03-28 02:28:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9257 2025-03-28 02:40:20+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llfrywabgk2u 2025-03-28 04:03:38+00:00| seen|...

CVE-2025-2294

creationtimestamp| type| source ---|---|--- 2025-03-28 00:00:06+00:00| published-proof-of-concept| Telegram/IpSkdng-DvuBirFh-8nYsY3OgxKRFdquSrS72XmwTlTwLs 2025-03-28 04:00:06+00:00| published-proof-of-concept| Telegram/-T7fiB1UH9VRuMWqeF5wAirAQ9WEH4yGxP0ggrYXPxHLtk 2025-03-28 04:29:56+00:00|...

WordPress plugin WP Posts Carousel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

CVE-2025-26873

creationtimestamp| type| source ---|---|--- 2025-03-27 22:36:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9236 2025-03-27 22:40:18+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llfelpnq762v 2025-03-28 01:01:20+00:00| seen|...

CVE-2025-29306

creationtimestamp| type| source ---|---|--- 2025-03-27 20:50:25+00:00| seen| https://t.me/cvedetector/21333 2025-04-17 10:18:23+00:00| seen| https://bsky.app/profile/bilaltariq01.bsky.social/post/3lmyuweu2gf24 2025-04-18 13:44:02+00:00| seen|...

CVE-2025-22648

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plugin Devs Blog, Posts and Category Filter for Elementor blog-posts-and-category-for-elementor allows Stored XSS.This issue affects Blog, Posts and Category Filter for Elementor: from n/a through ...