| 2025-01-25 | CVE-2024-13551 | Cross-site Scripting vulnerability in Paulrosen ABC Notation
The ABC Notation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'abcjs' shortcode in all versions up to, and including, 6.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2025-01-25 | CVE-2024-13586 | Cross-site Scripting vulnerability in Dineshrawat Masy Gallery
The Masy Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'justified-gallery' shortcode in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2025-01-25 | CVE-2024-13599 | Cross-site Scripting vulnerability in Thimpress Learnpress
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.7.5 due to insufficient input sanitization and output escaping of a lesson name. | 5.4 |
| 2025-01-25 | CVE-2024-10552 | The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘api_key’ and 'api_secret' parameters in all versions up to, and including, 3.14.26 due to insufficient input sanitization and output escaping. | 6.4 |
| 2025-01-25 | CVE-2024-13721 | The Plethora Plugins Tabs + Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the anchor parameter in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. | 6.4 |
| 2025-01-25 | CVE-2024-13709 | The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. | 4.3 |
| 2025-01-24 | CVE-2025-21262 | Unspecified vulnerability in Microsoft Edge Chromium
User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network | 5.4 |
| 2025-01-24 | CVE-2025-0703 | A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. | 4.3 |
| 2025-01-24 | CVE-2025-0704 | A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. | 5.3 |
| 2025-01-24 | CVE-2025-0705 | A vulnerability has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. | 4.3 |