Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-39376 |
Description: Missing Authorization vulnerability in QuanticaLabs Car Park Booking System for WordPress.This issue affects Car Park Booking System for WordPress: from n/a through 2.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39375 |
WordPress Easy Child Theme Creator plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashok G Easy Child Theme Creator allows Cross Site Request Forgery.This issue affects Easy Child Theme Creator: from n/a through 1.3.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39373 |
Description: Missing Authorization vulnerability in jegtheme JNews.This issue affects JNews: from n/a through 11.6.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39371 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Author Box Plugin With Different Description allows Cross Site Request Forgery.This issue affects Author Box Plugin With Different Description: from n/a through 1.3.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.02% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39369 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sihibbs Posts for Page allows DOM-Based XSS.This issue affects Posts for Page: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39368 |
Description: Missing Authorization vulnerability in ed4becky Rootspersona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rootspersona: from n/a through 3.7.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39353 |
Description: Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-39351 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant WordPress allows Cross Site Request Forgery.This issue affects Grand Restaurant WordPress: from n/a through 7.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-32920 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Stored XSS.This issue affects TI WooCommerce Wishlist: from n/a through 2.9.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03% SSVC Exploitation: none
May 19th, 2025 (19 days ago)
|
|
CVE-2025-26920 |
Description: Missing Authorization vulnerability in PressMaximum Customify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customify: from n/a through 0.4.8.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 19th, 2025 (19 days ago)
|