CVE-2025-62963
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Estatik Estatik estatik allows DOM-Based XSS.This issue affects Estatik: from n/a through
Tagged: Cybersecurity Alert
CVE-2025-62964
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through
CVE-2025-62965
Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin Management Xtended : from n/a through
CVE-2025-62966
Missing Authorization vulnerability in Apiki GoCache gocache-cdn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoCache: from n/a through
CVE-2025-62954
Missing Authorization vulnerability in Codeinwp Revive Old Posts tweet-old-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive Old Posts: from n/a through
CVE-2025-62956
Cross-Site Request Forgery (CSRF) vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through
CVE-2025-62947
Insertion of Sensitive Information Into Sent Data vulnerability in publitio Publitio publitio allows Retrieve Embedded Sensitive Data.This issue affects Publitio: from n/a through
CVE-2025-62948
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Konstantin Pankratov Date counter date-counter allows Stored XSS.This issue affects Date counter: from n/a through
CVE-2025-62949
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Stored XSS.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through
CVE-2025-62951
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in icc0rz Interactive Content – H5P h5p allows Stored XSS.This issue affects Interactive Content – H5P: from n/a through
CVE-2025-62952
Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through
CVE-2025-62953
Missing Authorization vulnerability in nanbu Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through
CVE-2025-62940
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Nick Diego Blox Lite blox-lite allows Stored XSS.This issue affects Blox Lite: from n/a through
CVE-2025-62941
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in dFactory Events Maker by dFactory events-maker allows Stored XSS.This issue affects Events Maker by dFactory: from n/a through