Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30636	WordPress Accessibility Suite <= 4.19 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in Ability, Inc Accessibility Suite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Suite: from n/a through 4.19. CVSS: MEDIUM (5.4) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30634	WordPress WP Featured Content Slider <= 2.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IWEBIX WP Featured Content Slider allows Stored XSS. This issue affects WP Featured Content Slider: from n/a through 2.6. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30632	WordPress Global Translator <= 2.0.2 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in pozzad Global Translator allows Cross Site Request Forgery. This issue affects Global Translator: from n/a through 2.0.2. CVSS: MEDIUM (5.4) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30630	WordPress Global Translator <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pozzad Global Translator allows Stored XSS. This issue affects Global Translator: from n/a through 2.0.2. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30629	WordPress Bitly URL Shortener <= 1.3.3 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Codehaveli Bitly URL Shortener allows Cross Site Request Forgery. This issue affects Bitly URL Shortener: from n/a through 1.3.3. CVSS: MEDIUM (4.3) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30627	WordPress Elegant Visitor Counter <= 3.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in regolithsjk Elegant Visitor Counter allows Stored XSS. This issue affects Elegant Visitor Counter: from n/a through 3.1. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30625	WordPress AppBanners <= 1.5.14 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Pramschufer AppBanners allows Stored XSS. This issue affects AppBanners: from n/a through 1.5.14. CVSS: MEDIUM (5.9) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-30624	WordPress WordLift <= 3.54.4 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in WordLift WordLift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordLift: from n/a through 3.54.4. CVSS: MEDIUM (4.3) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-29013	WordPress Custom Category/Post Type Post order <= 1.5.9 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in faaiq Custom Category/Post Type Post order allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Custom Category/Post Type Post order: from n/a through 1.5.9. CVSS: MEDIUM (5.4) Source: CVE June 6th, 2025 (about 5 hours ago)
CVE-2025-29011	WordPress YouTube Simple Gallery <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer YouTube Simple Gallery allows Stored XSS. This issue affects YouTube Simple Gallery: from n/a through 2.2.0. CVSS: MEDIUM (6.5) Source: CVE June 6th, 2025 (about 5 hours ago)