Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-46452 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News allows Stored XSS. This issue affects Google News: from n/a through 2.5.1.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46450 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan allows Stored XSS. This issue affects occupancyplan: from n/a through 1.0.3.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46449 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Novium WoWHead Tooltips allows Stored XSS. This issue affects WoWHead Tooltips: from n/a through 2.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46442 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator allows Stored XSS. This issue affects Loan Calculator: from n/a through 1.3.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46439 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central allows Path Traversal. This issue affects Plugin Central: from n/a through 2.5.1.
CVSS: HIGH (7.4) EPSS Score: 0.02%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46435 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Yash Binani Time Based Greeting allows Stored XSS. This issue affects Time Based Greeting: from n/a through 2.2.2.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46234 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Habibur Rahman Razib Control Listings allows Reflected XSS. This issue affects Control Listings: from n/a through 1.0.4.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-46230 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GhozyLab Popup Builder allows PHP Local File Inclusion. This issue affects Popup Builder: from n/a through 1.1.35.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39408 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress BruteGuard – Brute Force Login Protection allows Reflected XSS. This issue affects BruteGuard – Brute Force Login Protection: from n/a through 0.1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39400 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Reflected XSS. This issue affects User Registration: from n/a through n/a.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 24th, 2025 (about 1 month ago)
|