Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48251 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Emails & Recipients for WooCommerce allows Stored XSS. This issue affects Additional Custom Emails & Recipients for WooCommerce: from n/a through 3.5.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48250 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Coupons & Add to Cart by URL Links for WooCommerce allows Stored XSS. This issue affects Coupons & Add to Cart by URL Links for WooCommerce: from n/a through 1.7.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48249 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory EAN for WooCommerce allows Stored XSS. This issue affects EAN for WooCommerce: from n/a through 5.4.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48248 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products allows Stored XSS. This issue affects Sitewide Discount for WooCommerce: Apply Discount to All Products: from n/a through 2.2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48247 |
Description: Missing Authorization vulnerability in Blair Williams Shortlinks by Pretty Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortlinks by Pretty Links: from n/a through 3.6.15.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48246 |
Description: Missing Authorization vulnerability in The Events Calendar The Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Events Calendar: from n/a through 6.11.2.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48244 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48243 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.26.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48242 |
Description: Missing Authorization vulnerability in wpWax Legal Pages allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Legal Pages: from n/a through 1.4.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|
|
CVE-2025-48240 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Cost of Goods for WooCommerce allows Stored XSS. This issue affects Cost of Goods for WooCommerce: from n/a through 3.7.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (20 days ago)
|