Advisories

Severity 1.7

A Capture Contact Form (and tab) - Insecure deserialization

CVE-2025-31287

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

Click-to-Call for Twilio - Reflected cross-site scripting (XSS)

CVE-2025-31288

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

AIO Cache and Performance - Reflected cross-site scripting (XSS)

CVE-2025-31289

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 1.7

Church Admin - Insecure deserialization

CVE-2025-31290

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

Batch Validator - Reflected cross-site scripting (XSS)

CVE-2025-31291

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

Content.ad - Reflected cross-site scripting (XSS)

CVE-2025-31292

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

Best Rating and Pageviews - Reflected cross-site scripting (XSS)

CVE-2025-31293

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

Bulk Watermark - Reflected cross-site scripting (XSS)

CVE-2025-31294

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Severity 4.8

AzonPost - Reflected cross-site scripting (XSS)

CVE-2025-31295

Published: 2025-03-14 12:00 COT

Discovered by Andres Roldan

Publicly disclosed vulnerabilities discovered by Fluid Attacks Research Team.