Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30849 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.0.
CVSS: HIGH (8.1) EPSS Score: 0.15%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30848 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Hostel allows Reflected XSS. This issue affects Hostel: from n/a through 1.1.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30840 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-dictionary allows Reflected XSS. This issue affects xili-dictionary: from n/a through 2.12.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30837 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristiano Zanca WooCommerce Fattureincloud allows Reflected XSS. This issue affects WooCommerce Fattureincloud: from n/a through 2.6.7.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30834 |
Description: Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit Assist: from n/a through 1.5.4.
CVSS: HIGH (7.5) EPSS Score: 0.05%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30827 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saleswonder Team Tobias WP2LEADS allows Reflected XSS. This issue affects WP2LEADS: from n/a through 3.4.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30808 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weblizar About Author allows Reflected XSS. This issue affects About Author: from n/a through 1.6.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30798 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rickonline_nl Better WishList API allows Reflected XSS. This issue affects Better WishList API: from n/a through 1.1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30797 |
Description: Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool – Fix peralinks, accents, auto create menus and more allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greek Multi Tool – Fix peralinks, accents, auto create menus and more: from n/a through 2.3.1.
CVSS: HIGH (7.5) EPSS Score: 0.05%
April 1st, 2025 (21 days ago)
|
|
CVE-2025-30796 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended allows Reflected XSS. This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through 3.0.14.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (21 days ago)
|