Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48289 |
Description: Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object Injection. This issue affects Kids Planet: from n/a through 2.2.14.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-48287 |
Description: Deserialization of Untrusted Data vulnerability in Pagaleve Pix 4x sem juros – Pagaleve allows Object Injection. This issue affects Pix 4x sem juros – Pagaleve: from n/a through 1.6.9.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-48283 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Majestic Support Majestic Support allows SQL Injection. This issue affects Majestic Support: from n/a through 1.1.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47687 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects StoreKeeper for WooCommerce: from n/a through 14.4.4.
CVSS: CRITICAL (10.0) EPSS Score: 0.06%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47663 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11.
CVSS: CRITICAL (9.9) EPSS Score: 0.05%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47658 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System allows Upload a Web Shell to a Web Server. This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through 3.2.7.
CVSS: CRITICAL (9.9) EPSS Score: 0.05%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47646 |
Description: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration allows Password Recovery Exploitation. This issue affects PSW Front-end Login & Registration: from n/a through 1.13.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47642 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed allows Upload a Web Shell to a Web Server. This issue affects Ajar in5 Embed: from n/a through 3.1.5.
CVSS: CRITICAL (10.0) EPSS Score: 0.06%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47641 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through 2.3.8.
CVSS: CRITICAL (10.0) EPSS Score: 0.06%
May 23rd, 2025 (15 days ago)
|
|
CVE-2025-47640 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows SQL Injection. This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through 2.3.8.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
May 23rd, 2025 (15 days ago)
|