Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-39374 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in aseem1234 Best Posts Summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39370 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cnilsson iCafe Library allows SQL Injection.This issue affects iCafe Library: from n/a through 1.8.3.
CVSS: HIGH (7.6) EPSS Score: 0.04% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39364 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginEver Product Category Slider for WooCommerce allows PHP Local File Inclusion.This issue affects Product Category Slider for WooCommerce: from n/a through 4.3.4.
CVSS: HIGH (7.5) EPSS Score: 0.13% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-23988 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante Ghostwriter allows Reflected XSS.This issue affects Ghostwriter: from n/a through 1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-23986 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks Tiki Time allows Reflected XSS.This issue affects Tiki Time: from n/a through 1.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-23983 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tijaji allows Reflected XSS.This issue affects Tijaji: from n/a through 1.43.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-23981 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takimi Themes CarZine allows Reflected XSS.This issue affects CarZine: from n/a through 1.4.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-23979 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-22792 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jinwen Js O3 Lite allows Reflected XSS.This issue affects Js O3 Lite: from n/a through 1.5.8.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-22791 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twh offset writing allows Reflected XSS.This issue affects offset writing: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|