Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32523 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in payphone WooCommerce – Payphone Gateway allows Reflected XSS. This issue affects WooCommerce – Payphone Gateway: from n/a through 3.2.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32519 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeAtelier IDonate allows PHP Local File Inclusion. This issue affects IDonate: from n/a through 2.1.8.
CVSS: HIGH (8.1) EPSS Score: 0.15%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32517 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SCAND MultiMailer allows Reflected XSS. This issue affects MultiMailer: from n/a through 1.0.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32509 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPMinds Simple WP Events allows Path Traversal. This issue affects Simple WP Events: from n/a through 1.8.17.
CVSS: HIGH (7.5) EPSS Score: 0.06%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32144 |
Description: Deserialization of Untrusted Data vulnerability in PickPlugins Job Board Manager allows Object Injection. This issue affects Job Board Manager: from n/a through 2.1.60.
CVSS: HIGH (8.8) EPSS Score: 0.05%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32143 |
Description: Deserialization of Untrusted Data vulnerability in PickPlugins Accordion allows Object Injection. This issue affects Accordion: from n/a through 2.3.10.
CVSS: HIGH (8.8) EPSS Score: 0.05%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-31379 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in programphases Insert HTML Here allows Reflected XSS. This issue affects Insert HTML Here: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-31378 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danbwb Oppso Unit Converter allows Reflected XSS. This issue affects Oppso Unit Converter: from n/a through 1.1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-31041 |
Description: Missing Authorization vulnerability in NotFound AnyTrack Affiliate Link Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AnyTrack Affiliate Link Manager: from n/a through 1.0.4.
CVSS: HIGH (7.5) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-31040 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound WP Food ordering and Restaurant Menu allows PHP Local File Inclusion. This issue affects WP Food ordering and Restaurant Menu: from n/a through 1.1.
CVSS: HIGH (8.1) EPSS Score: 0.15%
April 11th, 2025 (9 days ago)
|