Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30820 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in HT Plugins WishSuite allows PHP Local File Inclusion. This issue affects WishSuite: from n/a through 1.4.4.
CVSS: HIGH (7.5) EPSS Score: 0.13%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30819 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Igor Benic Simple Giveaways allows SQL Injection. This issue affects Simple Giveaways: from n/a through 2.48.1.
CVSS: HIGH (8.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30814 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme The Post Grid allows PHP Local File Inclusion. This issue affects The Post Grid: from n/a through 7.7.17.
CVSS: HIGH (7.5) EPSS Score: 0.13%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30810 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smackcoders Lead Form Data Collection to CRM allows Blind SQL Injection. This issue affects Lead Form Data Collection to CRM: from n/a through 3.0.1.
CVSS: HIGH (8.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30806 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Constantin Boiangiu Vimeotheque allows SQL Injection. This issue affects Vimeotheque: from n/a through 2.3.4.2.
CVSS: HIGH (8.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30791 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce allows SQL Injection. This issue affects Cart tracking for WooCommerce: from n/a through 1.0.16.
CVSS: HIGH (7.6) EPSS Score: 0.04%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30788 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows SQL Injection. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
CVSS: HIGH (8.2) EPSS Score: 0.02%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30787 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows Stored XSS. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30785 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9.
CVSS: HIGH (7.5) EPSS Score: 0.13%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30784 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Shuffle WP Subscription Forms allows SQL Injection. This issue affects WP Subscription Forms: from n/a through 1.2.3.
CVSS: HIGH (8.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|