Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-46455
WordPress WP HRM LITE <= 1.1 - SQL Injection Vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IndigoThemes WP HRM LITE allows SQL Injection. This issue affects WP HRM LITE: from n/a through 1.1.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-41377
Cryptographic vulnerability in Iridium Certus 700
Description: Cryptographic vulnerability in Iridium Certus 700. This vulnerability allows a user to retrieve the encryption key, resulting in the loading of malicious firmware.

CVSS: CRITICAL (9.3)

EPSS Score: 0.06%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39504
WordPress Goodlayers Hotel plugin <= 3.1.4 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hotel allows Blind SQL Injection. This issue affects Goodlayers Hotel: from n/a through 3.1.4.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39503
WordPress Goodlayers Hotel plugin <= 3.1.4 - PHP Object Injection vulnerability
Description: Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hotel allows Object Injection. This issue affects Goodlayers Hotel: from n/a through 3.1.4.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39501
WordPress Goodlayers Hostel Plugin <= 3.1.2 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hostel allows Blind SQL Injection. This issue affects Goodlayers Hostel: from n/a through 3.1.2.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39500
WordPress Goodlayers Hostel Plugin <= 3.1.2 - PHP Object Injection vulnerability
Description: Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hostel allows Object Injection. This issue affects Goodlayers Hostel: from n/a through 3.1.2.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39499
WordPress Medicare Theme <= 2.1.0 - PHP Object Injection vulnerability
Description: Deserialization of Untrusted Data vulnerability in BoldThemes Medicare allows Object Injection. This issue affects Medicare: from n/a through 2.1.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39495
WordPress Avantage Theme <= 2.4.6 - PHP Object Injection vulnerability
Description: Deserialization of Untrusted Data vulnerability in BoldThemes Avantage allows Object Injection. This issue affects Avantage: from n/a through 2.4.6.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39489
WordPress CouponXL <= 4.5.0 - Privilege Escalation Vulnerability
Description: Incorrect Privilege Assignment vulnerability in pebas CouponXL allows Privilege Escalation. This issue affects CouponXL: from n/a through 4.5.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
May 23rd, 2025 (15 days ago)

CVE-2025-39485
WordPress GrandTour Theme <= 5.5.1 - PHP Object Injection vulnerability
Description: Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
May 23rd, 2025 (15 days ago)