CVE-2025-28966

CVE-2025-28966 affects the WordPress plugin Recent Posts Slider Responsive. The issue is a Cross-Site Request Forgery (CSRF) that enables Stored XSS, affecting versions from n/a up to 1.0.1. CVSS 3.1 base score 7.1 (HIGH) with network attack vector, no privileges required, user interaction requir...

CVE-2025-49243

CVE-2025-49243 concerns ShiftNav – Responsive Mobile Menu (Sevenspark). Vulnerability: Stored Cross-Site Scripting due to improper input neutralization during web page generation. Affects ShiftNav from earlier versions up to 1.8 (no public details beyond that). Impact: could allow stored XSS payl...

CVE-2025-48335

Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through = 3.2.0...

CVE-2025-48335

CVE-2025-48335 concerns WordPress Responsive Plus plugin (versions

CVE-2025-48335 WordPress Responsive Plus plugin <= 3.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through = 3.2.0...

CVE-2025-48335 WordPress Responsive Plus plugin <= 3.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through = 3.2.0...

WordPress plugin Responsive Plus 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-24089 · Cyberchimps · Cyberchimps Responsive Plus

Name of the Vulnerable Software and Affected Versions: CyberChimps Responsive Plus versions 3.2.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...

WordPress plugin Responsive Flipbooks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin ShiftNav – Responsive Mobile Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

CVE-2025-5445

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RPcheckFWByBBS of the file /goform/RPcheckFWByBBS. The manipulation of the argument...

CVE-2025-5213

A vulnerability was found in projectworlds Responsive E-Learning System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deletefile.php. The manipulation of the argument ID leads to sql injection. The attack can be launched...

CVE-2025-5134 Tmall Demo Buy Item Page cross site scripting

A vulnerability classified as problematic was found in Tmall Demo up to 20250505. Affected by this vulnerability is an unknown functionality of the component Buy Item Page. The manipulation of the argument Detailed Address leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-5128

A vulnerability, which was classified as critical, was found in ScriptAndTools Real-Estate-website-in-PHP 1.0. Affected is an unknown function of the file /admin/ of the component Admin Login Panel. The manipulation of the argument Password leads to sql injection. It is possible to launch the...

CVE-2025-24533

Cross-Site Request Forgery CSRF vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Cross Site Request Forgery.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.92.0...

CVE-2025-22807

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robert Responsive Flickr Slideshow mobile-friendly-flickr-slideshow allows Stored XSS.This issue affects Responsive Flickr Slideshow: from n/a through = 2.6.0...

CVE-2025-22798

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through = 1.1.1...

CVE-2025-0230

A vulnerability, which was classified as critical, was found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file /admin/print.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2024-43924

Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7...

CVE-2024-43335

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...