Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31078 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition allows Reflected XSS. This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through 5.2.18.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30913 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in podpirate Access Areas allows Reflected XSS. This issue affects Access Areas: from n/a through 1.5.19.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30906 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coffee Code Tech Plugin Oficial – Getnet para WooCommerce allows Reflected XSS. This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through 1.7.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30905 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking allows Stored XSS. This issue affects Secure Copy Content Protection and Content Locking: from n/a through 4.4.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30892 |
Description: Deserialization of Untrusted Data vulnerability in magepeopleteam WpTravelly allows Object Injection. This issue affects WpTravelly: from n/a through 1.8.7.
CVSS: HIGH (8.8) EPSS Score: 0.05%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30852 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in emotionalonlinestorytelling Oracle Cards Lite allows Reflected XSS. This issue affects Oracle Cards Lite: from n/a through 1.2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30844 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Watu Quiz allows Reflected XSS. This issue affects Watu Quiz: from n/a through 3.4.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30825 |
Description: Missing Authorization vulnerability in WPClever WPC Smart Linked Products - Upsells & Cross-sells for WooCommerce allows Privilege Escalation. This issue affects WPC Smart Linked Products - Upsells & Cross-sells for WooCommerce: from n/a through 1.3.5.
CVSS: HIGH (8.8) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30778 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Ratudi VForm allows Reflected XSS. This issue affects VForm: from n/a through 3.1.9.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-30554 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Frizzly allows Reflected XSS. This issue affects Frizzly: from n/a through 1.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|