CVE-2025-22693
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery Contest Gallery allows SQL Injection. This issue affects Contest Gallery: from n/a through 25.1.0.
CVSS: HIGH (7.6) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22691
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel allows SQL Injection. This issue affects WP Travel: from n/a through 10.1.0.
CVSS: HIGH (7.6) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22690
Description: Cross-Site Request Forgery (CSRF) vulnerability in DigiTimber DigiTimber cPanel Integration allows Stored XSS. This issue affects DigiTimber cPanel Integration: from n/a through 1.4.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22688
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ederson Peka Unlimited Page Sidebars allows Stored XSS. This issue affects Unlimited Page Sidebars: from n/a through 0.2.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22685
Description: Cross-Site Request Forgery (CSRF) vulnerability in CheGevara Tags to Keywords allows Stored XSS. This issue affects Tags to Keywords: from n/a through 1.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22684
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hakan Ozevin WP BASE Booking allows Stored XSS. This issue affects WP BASE Booking: from n/a through 5.0.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22682
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hesabfa Hesabfa Accounting allows Reflected XSS. This issue affects Hesabfa Accounting: from n/a through 2.1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2025-22679
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Reflected XSS. This issue affects Job Board Manager: from n/a through 2.1.60.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2024-43333
Description: Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through 7.6.2.1.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 4th, 2025 (3 months ago)
CVE-2024-13343
Description: The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_assign_new_roles() function in all versions up to, and including, 31.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.
CVSS: HIGH (8.8) EPSS Score: 0.05%
February 4th, 2025 (3 months ago)