Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32295
WordPress Salon Booking Wordpress plugin <= 10.10.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in wordpresschef Salon Booking Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon Booking Pro: from n/a through 10.10.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-32180
WordPress CSS3 Tooltips for WordPress <= 1.8 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in QuanticaLabs CSS3 Tooltips for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Tooltips for WordPress: from n/a through 1.8.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31923
WordPress CSS3 Accordions for WordPress <= 3.0 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in QuanticaLabs CSS3 Accordions for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Accordions for WordPress: from n/a through 3.0.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31921
WordPress WP Ultimate Tours Builder <= 1.055 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Ultimate Tours Builder allows Cross Site Request Forgery. This issue affects WP Ultimate Tours Builder: from n/a through 1.055.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31915
WordPress Pixel WordPress Form BuilderPlugin & Autoresponder <= 1.0.2 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder allows Cross Site Request Forgery. This issue affects Pixel WordPress Form BuilderPlugin & Autoresponder: from n/a through 1.0.2.

CVSS: MEDIUM (5.4)

EPSS Score: 0.02%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31639
WordPress Spare <= 1.7 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request Forgery. This issue affects Spare: from n/a through 1.7.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31630
WordPress The Business <= 1.6.1 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in themeton The Business allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Business: from n/a through 1.6.1.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31071
WordPress HotStar – Multi-Purpose Business Theme <= 1.4 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31068
WordPress Seven Stars <= 1.4.4 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Stars allows Cross Site Request Forgery. This issue affects Seven Stars: from n/a through 1.4.4.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
May 16th, 2025 (23 days ago)

CVE-2025-31066
WordPress Acerola <= 1.6.5 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in themeton Acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through 1.6.5.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
May 16th, 2025 (23 days ago)