Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-39399 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License For Envato allows PHP Local File Inclusion. This issue affects License For Envato: from n/a through 1.0.0.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39397 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in [email protected] Anything Popup allows Reflected XSS. This issue affects Anything Popup: from n/a through 7.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39391 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zamartz Checkout Field Visibility for WooCommerce allows PHP Local File Inclusion. This issue affects Checkout Field Visibility for WooCommerce: from n/a through 1.2.3.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39387 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPoperation Opstore allows PHP Local File Inclusion. This issue affects Opstore: from n/a through 1.4.5.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39384 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cedcommerce Product Lister for eBay allows PHP Local File Inclusion. This issue affects Product Lister for eBay: from n/a through 2.0.9.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39383 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Code Work Web Xews Lite allows PHP Local File Inclusion. This issue affects Xews Lite: from n/a through 1.0.9.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39382 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danielpataki ACF: Google Font Selector allows Reflected XSS. This issue affects ACF: Google Font Selector: from n/a through 3.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39381 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kiotviet KiotViet Sync allows Stored XSS. This issue affects KiotViet Sync: from n/a through 1.8.4.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39379 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Capturly Capturly allows PHP Local File Inclusion. This issue affects Capturly: from n/a through 2.0.1.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|
|
CVE-2025-39378 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows PHP Local File Inclusion. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 24th, 2025 (about 1 month ago)
|