Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22790 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in asmedia allows Reflected XSS.This issue affects moseter: from n/a through 1.3.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-22789 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks polka dots allows Reflected XSS.This issue affects polka dots: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-22687 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asmedia Tuaug4 allows Reflected XSS.This issue affects Tuaug4: from n/a through 1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-22678 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mythemes my white allows Reflected XSS.This issue affects my white: from n/a through 2.0.8.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-48280 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ruben Garcia AutomatorWP allows Blind SQL Injection. This issue affects AutomatorWP: from n/a through 5.2.1.3.
CVSS: HIGH (7.6) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-48278 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in davidfcarr RSVPMarker allows SQL Injection. This issue affects RSVPMarker : from n/a through 11.5.6.
CVSS: HIGH (8.5) EPSS Score: 0.03%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-48238 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in awcode AWcode Toolkit allows Stored XSS. This issue affects AWcode Toolkit: from n/a through 1.0.18.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-48236 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bunny.net bunny.net allows Stored XSS. This issue affects bunny.net: from n/a through 2.3.0.
CVSS: HIGH (8.5) EPSS Score: 0.05%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-48233 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in affmngr Affiliates Manager Google reCAPTCHA Integration allows Stored XSS. This issue affects Affiliates Manager Google reCAPTCHA Integration: from n/a through 1.0.6.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 19th, 2025 (19 days ago)
|
|
CVE-2024-13613 |
Description: The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments included in chat messages. The vulnerability was partially patched in version 3.3.3.
CVSS: HIGH (7.5) EPSS Score: 0.07%
May 17th, 2025 (21 days ago)
|