Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22767 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in globalpayments GlobalPayments WooCommerce allows Reflected XSS. This issue affects GlobalPayments WooCommerce: from n/a through 1.13.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 28th, 2025 (24 days ago)
|
|
CVE-2025-22575 |
WordPress SUPER RESPONSIVE SLIDER Plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendyourweb SUPER RESPONSIVE SLIDER allows Reflected XSS. This issue affects SUPER RESPONSIVE SLIDER: from n/a through 1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 28th, 2025 (24 days ago)
|
|
CVE-2025-22566 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ULTIMATE VIDEO GALLERY allows Reflected XSS. This issue affects ULTIMATE VIDEO GALLERY: from n/a through 1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 28th, 2025 (24 days ago)
|
|
CVE-2025-22501 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Improve My City Improve My City allows Reflected XSS. This issue affects Improve My City: from n/a through 1.6.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
March 28th, 2025 (24 days ago)
|
|
CVE-2025-22360 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Azure offload allows Reflected XSS. This issue affects WP Azure offload: from n/a through 2.0.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
March 28th, 2025 (24 days ago)
|
|
CVE-2025-22356 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stencies Stencies allows Reflected XSS. This issue affects Stencies: from n/a through 0.58.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
March 28th, 2025 (24 days ago)
|
|
CVE-2024-54362 |
Description: Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue affects GetShop ecommerce: from n/a through 1.3.
CVSS: HIGH (8.1) EPSS Score: 0.06%
March 28th, 2025 (24 days ago)
|
|
CVE-2024-54291 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound PluginPass allows Manipulating Web Input to File System Calls. This issue affects PluginPass: from n/a through 0.9.10.
CVSS: HIGH (8.6) EPSS Score: 0.06%
March 28th, 2025 (24 days ago)
|
|
CVE-2024-51624 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jajapagamentos Já-Já Pagamentos for WooCommerce allows Reflected XSS. This issue affects Já-Já Pagamentos for WooCommerce: from n/a through 1.3.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 28th, 2025 (24 days ago)
|
|
CVE-2025-31466 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Falcon Solutions Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 1.0.
CVSS: HIGH (8.5) EPSS Score: 0.03%
March 28th, 2025 (24 days ago)
|