Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48262 |
Description: Missing Authorization vulnerability in Michael Revellin-Clerc Url Rewrite Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Url Rewrite Analyzer: from n/a through 1.3.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48260 |
Description: Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48259 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico España allows Cross Site Request Forgery. This issue affects WP Mapa Politico España: from n/a through 3.8.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48258 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jetmonsters Mega Menu Block allows Stored XSS. This issue affects Mega Menu Block: from n/a through 1.0.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48257 |
Description: Missing Authorization vulnerability in Projectopia Projectopia allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Projectopia: from n/a through 5.1.17.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48256 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48255 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP: from n/a through 6.2.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48254 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce allows Stored XSS. This issue affects Change Add to Cart Button Text for WooCommerce: from n/a through 2.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48253 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce allows Stored XSS. This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through 2.4.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48252 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|