Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32593 |
Description: Missing Authorization vulnerability in Bytes Technolab Add Product Frontend for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Add Product Frontend for WooCommerce: from n/a through 1.0.6.
CVSS: HIGH (8.2) EPSS Score: 0.04%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32592 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn – WordPress Posts Table Filterable allows Stored XSS. This issue affects TableOn – WordPress Posts Table Filterable: from n/a through 1.0.3.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32590 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tzin111 Web2application allows Reflected XSS. This issue affects Web2application: from n/a through 5.6.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32588 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Credova Financial Credova_Financial allows Reflected XSS. This issue affects Credova_Financial: from n/a through 2.4.8.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32582 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EXEIdeas International WP AutoKeyword allows Stored XSS. This issue affects WP AutoKeyword: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32578 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapro Collins Coming Soon Countdown allows Reflected XSS. This issue affects Coming Soon Countdown: from n/a through 2.2.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32573 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kiotviet KiotViet Sync allows SQL Injection. This issue affects KiotViet Sync: from n/a through 1.8.3.
CVSS: HIGH (8.5) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32571 |
Description: Deserialization of Untrusted Data vulnerability in turitop TuriTop Booking System allows Object Injection. This issue affects TuriTop Booking System: from n/a through 1.0.10.
CVSS: HIGH (8.8) EPSS Score: 0.04%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32566 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashraful Sarkar Naiem License For Envato allows Reflected XSS. This issue affects License For Envato: from n/a through 1.0.0.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|
|
CVE-2025-32564 |
WordPress Stop Registration Spam Plugin <= 1.24 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tomroyal Stop Registration Spam allows Reflected XSS. This issue affects Stop Registration Spam: from n/a through 1.24.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (2 days ago)
|