Search Results | AttackerKB

Show filters

Topics 546 Users 9,710

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

546 Total Results

Displaying 31-40 of 546

Attacker Value

Unknown

CVE-2025-23500

Disclosure Date: January 22, 2025 (last updated January 23, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faaiq Ahmed, Technial Architect,faaiqsj@gmail.com Simple Custom post type custom field allows Reflected XSS. This issue affects Simple Custom post type custom field: from n/a through 1.0.3.

0

Attacker Value

Unknown

CVE-2025-22276

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Enguerran Weiss Related Post Shortcode allows Stored XSS. This issue affects Related Post Shortcode: from n/a through 1.2.

0

Attacker Value

Unknown

CVE-2024-12071

Disclosure Date: January 18, 2025 (last updated January 18, 2025)

The Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_network_post() function in all versions up to, and including, 1.4.4. This makes it possible for unauthenticated attackers to delete arbitrary posts and pages.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2025-23878

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Post-to-Post Links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through 4.2.

0

Attacker Value

Unknown

CVE-2025-23715

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in RaymondDesign Post & Page Notes allows Stored XSS.This issue affects Post & Page Notes: from n/a through 0.1.1.

0

Attacker Value

Unknown

CVE-2025-23712

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in Kapost Kapost allows Stored XSS.This issue affects Kapost: from n/a through 2.2.9.

0

Attacker Value

Unknown

CVE-2025-23654

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in Vinícius Krolow Twitter Post allows Stored XSS.This issue affects Twitter Post: from n/a through 0.1.

0

Attacker Value

Unknown

CVE-2025-23566

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0.

0

Attacker Value

Unknown

CVE-2025-23530

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11.

0

Attacker Value

Unknown

CVE-2025-23463

Disclosure Date: January 16, 2025 (last updated January 17, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custom content after or before of post allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through 1.0.

0