Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22520 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through 1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22519 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22507 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Benjamin Santalucia ([email protected]) WPMU Prefill Post allows SQL Injection.This issue affects WPMU Prefill Post: from n/a through 1.02.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22502 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mindvalley MindValley Super PageMash allows SQL Injection.This issue affects MindValley Super PageMash: from n/a through 1.1.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22364 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App allows PHP Local File Inclusion.This issue affects Ach Invoice App: from n/a through 1.0.1.
CVSS: HIGH (7.5) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22359 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PJFC SyncFields allows Reflected XSS.This issue affects SyncFields: from n/a through 2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22358 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcon Simone Wp advertising management allows Reflected XSS.This issue affects Wp advertising management: from n/a through 1.0.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22357 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Plugins Target Notifications allows Reflected XSS.This issue affects Target Notifications: from n/a through 1.1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22355 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kiKx Kikx Simple Post Author Filter allows Reflected XSS.This issue affects Kikx Simple Post Author Filter: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|
|
CVE-2025-22353 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Balcom-Vetillo Design, Inc. BVD Easy Gallery Manager allows Reflected XSS.This issue affects BVD Easy Gallery Manager: from n/a through 1.0.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (3 months ago)
|