Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24651 |
Description: Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration allows Retrieve Embedded Sensitive Data. This issue affects WordPress Backup & Migration: from n/a through 1.5.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-24583 |
Description: Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through 3.16.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-24581 |
Description: Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-24577 |
Description: Missing Authorization vulnerability in Ays Pro Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Poll Maker: from n/a through 5.5.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-24550 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JobScore Job Manager allows Stored XSS. This issue affects Job Manager: from n/a through 2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-23958 |
Description: Missing Authorization vulnerability in FADI MED Editor Wysiwyg Background Color allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Editor Wysiwyg Background Color: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-23906 |
Description: Missing Authorization vulnerability in wpseek WordPress Dashboard Tweeter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Dashboard Tweeter: from n/a through 1.3.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-23773 |
Description: Missing Authorization vulnerability in mingocommerce Delete All Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Delete All Posts: from n/a through 1.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (1 day ago)
|
|
CVE-2025-22771 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Studio Hyperset The Great Firewords of China allows Stored XSS. This issue affects The Great Firewords of China: from n/a through 1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03% SSVC Exploitation: none
April 17th, 2025 (1 day ago)
|
|
CVE-2025-22340 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Data Dash allows Stored XSS. This issue affects Data Dash: from n/a through 1.2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03% SSVC Exploitation: none
April 17th, 2025 (1 day ago)
|