Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30937	WordPress Responsify WP <= 1.9.11 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stefanledin Responsify WP allows Stored XSS. This issue affects Responsify WP: from n/a through 1.9.11. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30935	WordPress Contact Form <= 2.0.12 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NickDuncan Contact Form allows DOM-Based XSS. This issue affects Contact Form: from n/a through 2.0.12. CVSS: MEDIUM (6.5) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30934	WordPress 診断ジェネレータ作成プラグイン <= 1.4.16 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects 診断ジェネレータ作成プラグイン: from n/a through 1.4.16. CVSS: MEDIUM (5.3) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30932	WordPress WP Compress for MainWP <= 6.30.32 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in WP Compress WP Compress for MainWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Compress for MainWP: from n/a through 6.30.32. CVSS: MEDIUM (5.4) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30931	WordPress «Подсказки» от DaData.ru <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamil Shafeev «Подсказки» от DaData.ru allows Stored XSS. This issue affects «Подсказки» от DaData.ru: from n/a through 1.0.6. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30930	WordPress ACF: Yandex Maps Field <= 1.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unreal Themes ACF: Yandex Maps Field allows Stored XSS. This issue affects ACF: Yandex Maps Field: from n/a through 1.1. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30928	WordPress WP Biographia <= 4.0.0 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vicchi WP Biographia allows Stored XSS. This issue affects WP Biographia: from n/a through 4.0.0. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30927	WordPress Wordapp <= 1.7.0 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in Wordapp Team Wordapp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wordapp: from n/a through 1.7.0. CVSS: MEDIUM (4.3) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30638	WordPress Powie's Uptime Robot <= 0.9.7 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PowieT Powie's Uptime Robot allows Stored XSS. This issue affects Powie's Uptime Robot: from n/a through 0.9.7. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 4 hours ago)
CVE-2025-30637	WordPress Booking Ultra Pro <= 1.1.20 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro allows Stored XSS. This issue affects Booking Ultra Pro: from n/a through 1.1.20. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 4 hours ago)