Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-46522
WordPress Tabs plugin <= 4.0.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Billy Bryant Tabs allows Stored XSS. This issue affects Tabs: from n/a through 4.0.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46520
WordPress Related Posts via Taxonomies plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies allows Stored XSS. This issue affects Related Posts via Taxonomies: from n/a through 1.0.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46516
WordPress Twitter Card Generator plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in silencecm Twitter Card Generator allows Stored XSS. This issue affects Twitter Card Generator: from n/a through 1.0.5.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46514
WordPress Milat jQuery Automatic Popup plugin <= 1.3.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in milat Milat jQuery Automatic Popup allows Stored XSS. This issue affects Milat jQuery Automatic Popup: from n/a through 1.3.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46512
WordPress Custom Functions Plugin plugin <= 1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Shamim Hasan Custom Functions Plugin allows Stored XSS. This issue affects Custom Functions Plugin: from n/a through 1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46510
WordPress Contact Form 7 Calendar plugin <= 3.0.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in harrysudana Contact Form 7 Calendar allows Stored XSS. This issue affects Contact Form 7 Calendar: from n/a through 3.0.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46508
WordPress Advanced lazy load plugin <= 1.6.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao Advanced lazy load allows Stored XSS. This issue affects Advanced lazy load: from n/a through 1.6.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46507
WordPress Unsafe Mimetypes plugin <= 0.1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in ldrumm Unsafe Mimetypes allows Stored XSS. This issue affects Unsafe Mimetypes: from n/a through 0.1.4.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46506
WordPress WpZon – Amazon Affiliate Plugin plugin <= 1.3 - CSRF to XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Lora77 WpZon – Amazon Affiliate Plugin allows Reflected XSS. This issue affects WpZon – Amazon Affiliate Plugin: from n/a through 1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2025-46504
WordPress Vasaio QR Code plugin <= 1.2.5 - CSRF to XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Olar Marius Vasaio QR Code allows Stored XSS. This issue affects Vasaio QR Code: from n/a through 1.2.5.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 24th, 2025 (about 1 month ago)