Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-23932 |
Description: Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection. This issue affects Quick Count: from n/a through 3.00.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 23rd, 2025 (3 months ago)
|
|
CVE-2025-23931 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WordPress Local SEO allows Blind SQL Injection. This issue affects WordPress Local SEO: from n/a through 2.3.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 23rd, 2025 (3 months ago)
|
|
CVE-2025-23921 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for Gravity Forms allows Upload a Web Shell to a Web Server. This issue affects Multi Uploader for Gravity Forms: from n/a through 1.1.3.
CVSS: CRITICAL (9.0) EPSS Score: 0.04%
January 23rd, 2025 (3 months ago)
|
|
CVE-2025-23918 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser allows Upload a Web Shell to a Web Server. This issue affects Smallerik File Browser: from n/a through 1.1.
CVSS: CRITICAL (9.9) EPSS Score: 0.04%
January 23rd, 2025 (3 months ago)
|
|
CVE-2025-23914 |
Description: Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows Object Injection. This issue affects Muzaara Google Ads Report: from n/a through 3.1.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 23rd, 2025 (3 months ago)
|
|
CVE-2024-12857 |
Description: The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to logging them in as that user. This makes it possible for unauthenticated attackers to authenticate as any user as long as they have configured OTP login by phone number.
CVSS: CRITICAL (9.8) EPSS Score: 0.09%
January 23rd, 2025 (3 months ago)
|
|
CVE-2025-22723 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager allows Upload a Web Shell to a Web Server. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.6.7.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
January 22nd, 2025 (3 months ago)
|
|
CVE-2025-22553 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Multiple Carousel allows SQL Injection. This issue affects Multiple Carousel: from n/a through 2.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 22nd, 2025 (3 months ago)
|
|
CVE-2024-51919 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer. This issue affects Fancy Product Designer: from n/a through 6.4.3.
CVSS: CRITICAL (9.0) EPSS Score: 0.04%
January 22nd, 2025 (3 months ago)
|
|
CVE-2024-51888 |
Description: Incorrect Privilege Assignment vulnerability in NotFound Homey Login Register allows Privilege Escalation. This issue affects Homey Login Register: from n/a through 2.4.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 22nd, 2025 (3 months ago)
|