CVE-2025-23441

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dkukral Attach Gallery Posts attach-gallery-posts allows Reflected XSS.This issue affects Attach Gallery Posts: from n/a through = 1.6...

CVE-2025-1463

The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to improper nonce validation within the class-wpgsi-show.php script. This makes it possible for unauthenticated attackers to publish arbitrary post...

CVE-2025-1463

CVE-2025-1463 affects Spreadsheet Integration (WordPress plugin) up to version 3.8.2. Root cause: improper nonce validation in class-wpgsi-show.php leading to Cross-Site Request Forgery. Impact: unauthenticated attackers can publish arbitrary posts (including private ones) if a site admin is tric...

WordPress plugin Spreadsheet Integration 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

CVE-2025-26319

creationtimestamp| type| source ---|---|--- 2025-03-04 21:35:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6444 2025-03-05 00:12:43+00:00| seen| https://t.me/cvedetector/19551 2025-03-06 00:00:08+00:00| seen|...

CVE-2025-22870

creationtimestamp| type| source ---|---|--- 2025-03-04 20:44:04+00:00| seen| https://bsky.app/profile/go-perf.bsky.social/post/3ljldeoic6c2f 2025-03-07 18:52:42+00:00| seen| https://gist.github.com/EbonJaeger/d4b1234a40aa00f5181603a97fda735a 2025-03-07 20:29:35+00:00| seen|...

CVE-2025-1969

creationtimestamp| type| source ---|---|--- 2025-03-04 19:33:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6404 2025-03-04 22:32:20+00:00| seen| https://t.me/cvedetector/19540 2025-03-05 20:57:53+00:00| seen| https://bsky.app/profile/aakl.bsky.social/post/3ljnum336y2...

CVE-2025-23410

creationtimestamp| type| source ---|---|--- 2025-03-04 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07 2025-03-05 00:33:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6467 2025-03-05 01:49:26+00:00| seen|...

CVE-2025-0958

The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 4.2.9. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary auctions, posts as well as...

WordPress Link My Posts plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Link My Posts versions = 1.0...

CVE-2023-49031

creationtimestamp| type| source ---|---|--- 2025-03-03 20:49:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljit77q6ml2a 2025-03-03 21:24:52+00:00| seen| https://t.me/cvedetector/19409 2025-03-04 21:02:00+00:00| seen|...

CVE-2025-27423

creationtimestamp| type| source ---|---|--- 2025-03-03 16:57:49+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114099556793062950 2025-03-03 19:43:59+00:00| seen| https://t.me/cvedetector/19373 2025-03-03 20:49:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljit7ahf7b...

CVE-2018-8639

creationtimestamp| type| source ---|---|--- 2025-03-03 15:58:10+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/3472167 2025-03-03 18:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2025-03-03 19:03:10+00:00| seen| https://bsky.app/profile/hackingne.ws/post/3ljinbdwlgm23...

CVE-2025-25170

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DotsquaresLtd Migrate Posts migrate-post allows Reflected XSS.This issue affects Migrate Posts: from n/a through = 1.0...

CVE-2025-23441

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dkukral Attach Gallery Posts attach-gallery-posts allows Reflected XSS.This issue affects Attach Gallery Posts: from n/a through = 1.6...

CVE-2025-25170 WordPress Migrate Posts Plugin <=1.0 - Post Based Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Migrate Posts allows Reflected XSS. This issue affects Migrate Posts: from n/a through 1.0...

CVE-2025-25170 WordPress Migrate Posts Plugin <=1.0 - Post Based Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DotsquaresLtd Migrate Posts migrate-post allows Reflected XSS.This issue affects Migrate Posts: from n/a through = 1.0...

CVE-2025-25170

CVE-2025-25170 affects the WordPress Migrate Posts plugin (versions

CVE-2025-23441

The CVE-2025-23441 entry concerns the WordPress NotFound Attach Gallery Posts plugin (versions

CVE-2025-23441 WordPress Attach Gallery Posts plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dkukral Attach Gallery Posts attach-gallery-posts allows Reflected XSS.This issue affects Attach Gallery Posts: from n/a through = 1.6...