Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-39582
WordPress WP Data Access <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Passionate Programmer Peter WP Data Access allows DOM-Based XSS. This issue affects WP Data Access: from n/a through 5.5.36.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39581
WordPress Themify Shortcodes <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Shortcodes allows Stored XSS. This issue affects Themify Shortcodes: from n/a through 2.1.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39579
WordPress Membership For WooCommerce <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Swings Membership For WooCommerce allows DOM-Based XSS. This issue affects Membership For WooCommerce: from n/a through 2.8.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39578
WordPress Responsive Blocks <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks allows Stored XSS. This issue affects Responsive Blocks: from n/a through 2.0.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39577
WordPress PropertyHive <= 2.1.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Property Hive PropertyHive allows Stored XSS. This issue affects PropertyHive: from n/a through 2.1.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39576
WordPress WPAdverts <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows Stored XSS. This issue affects WPAdverts: from n/a through 2.2.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39575
WordPress WPCasa <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPSight WPCasa allows Stored XSS. This issue affects WPCasa: from n/a through 1.3.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39574
WordPress Uix Shortcodes <= 2.0.4 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UIUX Lab Uix Shortcodes allows Stored XSS. This issue affects Uix Shortcodes: from n/a through 2.0.4.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39573
WordPress WP Posts Carousel <= 1.3.10 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.10.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39572
WordPress Checkout for PayPal <= 1.0.38 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Checkout for PayPal allows Stored XSS. This issue affects Checkout for PayPal: from n/a through 1.0.38.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)