0.0

CVE-2025-23533 - WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in zetxek WP Lyrics wplyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through <= 0.4.1.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23514 - WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sanjay Prasad Loginplus loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through <= 1.2.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23513 - WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in jd7777 Bible Embed bible-embed allows Stored XSS.This issue affects Bible Embed: from n/a through <= 0.0.4.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23499 - WordPress Board Election plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier Board Election board-election allows Stored XSS.This issue affects Board Election: from n/a through <= 1.0.1.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23508 - WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in OrigoThemes Extra Options – Favicons extra-options-favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through <= 1.1.0.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23501 - WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scr…

Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA cookie-consent-autoblock allows Stored XSS.This issue affects Cookie Consent & Autoblock for GDPR/CCPA: from n/a through <= 1.0.1.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23435 - WordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in marcucci Password Protect Plugin for WordPress password-protect-plugin-for-wordpress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through <= 0.8.1.0.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23452 - WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vuln…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EditionGuard EditionGuard for WooCommerce – eBook Sales with DRM editionguard-for-woocommerce-ebook-sales-with-drm allows Reflected XSS.This issue affects EditionGuard for WooCommerce – eBook Sales…

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23438 - WordPress WP PT-Viewer plugin <= 2.0.2 - Reflected XSS vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Mimoun-Prat WP PT-Viewer wp-ptviewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through <= 2.0.2.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-23497 - WordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulne…

Cross-Site Request Forgery (CSRF) vulnerability in albdesign Simple Project Manager simple-project-managment allows Stored XSS.This issue affects Simple Project Manager: from n/a through <= 1.2.2.

📅 Published: Jan. 16, 2025, 8:06 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

Vulnerability Database Index

0.0

CVE-2025-23533 - WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability

0.0

CVE-2025-23514 - WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability

0.0

CVE-2025-23513 - WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

0.0

CVE-2025-23499 - WordPress Board Election plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

0.0

CVE-2025-23508 - WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability

0.0

CVE-2025-23501 - WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scr…

0.0

CVE-2025-23435 - WordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerability

0.0

CVE-2025-23452 - WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vuln…

0.0

CVE-2025-23438 - WordPress WP PT-Viewer plugin <= 2.0.2 - Reflected XSS vulnerability

0.0

CVE-2025-23497 - WordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulne…