Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32624
WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Description: Missing Authorization vulnerability in czater Czater.pl – live chat i telefon allows Cross Site Request Forgery. This issue affects Czater.pl – live chat i telefon: from n/a through 1.0.5.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32623
WordPress PlainInventory plugin <= 3.1.9 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in plainware PlainInventory allows Stored XSS. This issue affects PlainInventory: from n/a through 3.1.9.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32621
WordPress WP Map Route Planner plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital WP Map Route Planner allows Cross Site Request Forgery. This issue affects WP Map Route Planner: from n/a through 1.0.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32619
WordPress KeyCAPTCHA plugin <= 2.5.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in KeyCAPTCHA KeyCAPTCHA allows Stored XSS. This issue affects KeyCAPTCHA: from n/a through 2.5.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32617
WordPress Multiple Location Google Map plugin <= 1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ydesignservices Multiple Location Google Map allows Stored XSS. This issue affects Multiple Location Google Map: from n/a through 1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32616
WordPress Nimbata Call Tracking plugin <= 1.7.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in nimbata Nimbata Call Tracking allows Stored XSS. This issue affects Nimbata Call Tracking: from n/a through 1.7.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32612
WordPress User Session Synchronizer plugin <= 1.4.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in rafasashi User Session Synchronizer allows Stored XSS. This issue affects User Session Synchronizer: from n/a through 1.4.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32610
WordPress Foliopress WYSIWYG plugin <= 2.6.18 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Foliovision: Making the web work for you Foliopress WYSIWYG allows Cross Site Request Forgery. This issue affects Foliopress WYSIWYG: from n/a through 2.6.18.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32597
WordPress WordPress Events Calendar Plugin – connectDaily plugin <= 1.4.8 - CSRF to Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily allows Cross-Site Scripting (XSS). This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through 1.4.8.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)

CVE-2025-32591
WordPress WP Abstracts Plugin <= 2.7.4 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts allows Cross Site Request Forgery. This issue affects WP Abstracts: from n/a through 2.7.4.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (11 days ago)