Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32235
WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.9.4.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32234
WordPress AdMail plugin <= 1.7.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in aleswebs AdMail – Multilingual Back in-Stock Notifier for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AdMail – Multilingual Back in-Stock Notifier for WooCommerce: from n/a through 1.7.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32233
WordPress Revive.so <= 2.0.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WP Chill Revive.so – Bulk Rewrite and Republish Blog Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Revive.so – Bulk Rewrite and Republish Blog Posts: from n/a through 2.0.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32232
WordPress StaffList plugin <= 3.2.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in ERA404 StaffList allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaffList: from n/a through 3.2.6.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32231
WordPress Bookingor plugin <= 1.0.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Bookingor Bookingor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bookingor: from n/a through 1.0.6.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32229
WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Bowo Variable Inspector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Variable Inspector: from n/a through 2.6.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32226
WordPress Display product variations dropdown on shop page plugin <= 1.1.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Anzar Ahmed Display product variations dropdown on shop page allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Display product variations dropdown on shop page: from n/a through 1.1.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32225
WordPress WP Event Manager plugin <= 3.1.47 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WP Event Manager WP Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Event Manager: from n/a through 3.1.47.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32224
WordPress Privyr CRM plugin <= 1.0.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in shivammani Privyr CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Privyr CRM: from n/a through 1.0.1.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 4th, 2025 (16 days ago)

CVE-2025-32220
WordPress Salon Booking System plugin <= 10.10.7 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon booking system: from n/a through 10.10.7.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 4th, 2025 (16 days ago)