Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-30564
WordPress Custom Script Integration - <= <= 2.1 Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in wpwox Custom Script Integration allows Stored XSS. This issue affects Custom Script Integration: from n/a through 2.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30561
WordPress CAS Maestro plugin <= 1.1.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Henrique Mouta CAS Maestro allows Stored XSS. This issue affects CAS Maestro: from n/a through 1.1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30560
WordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu allows Stored XSS. This issue affects jQuery Dropdown Menu: from n/a through 3.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30558
WordPress ANAC XML Render plugin <= 1.5.7 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render allows Stored XSS. This issue affects ANAC XML Render: from n/a through 1.5.7.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30555
WordPress WordPres 同步微博 plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in iiiryan WordPres 同步微博 allows Stored XSS. This issue affects WordPres 同步微博: from n/a through 1.1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30552
WordPress WordPress Admin Bar Improved plugin <= 3.3.5 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved allows Stored XSS. This issue affects WordPress Admin Bar Improved: from n/a through 3.3.5.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30550
WordPress CallPhone'r plugin <= 1.1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r allows Stored XSS. This issue affects CallPhone'r: from n/a through 1.1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30525
WordPress WP Profitshare plugin <= 1.4.9 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare allows SQL Injection. This issue affects WP Profitshare: from n/a through 1.4.9.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30523
WordPress Super Simple Subscriptions plugin <= 1.1.0 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marcel-NL Super Simple Subscriptions allows SQL Injection. This issue affects Super Simple Subscriptions: from n/a through 1.1.0.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
March 24th, 2025 (29 days ago)

CVE-2025-30522
WordPress Contact Form 7 Material Design plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design allows Stored XSS. This issue affects Contact Form 7 Material Design: from n/a through 1.0.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 24th, 2025 (29 days ago)