Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31890
WordPress Simple Map No Api plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mashi Simple Map No Api allows Stored XSS. This issue affects Simple Map No Api: from n/a through 1.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31888
WordPress WP Multi Store Locator Plugin <= 2.5.2 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in WPExperts.io WP Multistore Locator allows Cross Site Request Forgery. This issue affects WP Multistore Locator: from n/a through 2.5.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31887
WordPress MyBookProgress plugin <= 1.0.8 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in zookatron MyBookProgress by Stormhill Media allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyBookProgress by Stormhill Media: from n/a through 1.0.8.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31886
WordPress Social proof testimonials and reviews by Repuso plugin <= 5.21 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social proof testimonials and reviews by Repuso: from n/a through 5.21.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31885
WordPress Hyperlink Group Block plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Floeter Hyperlink Group Block allows DOM-Based XSS. This issue affects Hyperlink Group Block: from n/a through 2.0.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31884
WordPress Norse Rune Oracle Plugin plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CMS Ninja Norse Rune Oracle Plugin allows Stored XSS. This issue affects Norse Rune Oracle Plugin: from n/a through 1.4.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31883
WordPress WebinarPress plugin <= 1.33.27 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWebinarSystem WebinarPress allows Stored XSS. This issue affects WebinarPress: from n/a through 1.33.27.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31882
WordPress WordPress Webinar Plugin <= 1.33.27 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WPWebinarSystem WebinarPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WebinarPress: from n/a through 1.33.27.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31881
WordPress Pearl plugin <= 1.3.9 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Stylemix Pearl allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pearl: from n/a through 1.3.9.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31880
WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl allows Cross Site Request Forgery. This issue affects Pearl: from n/a through 1.3.9.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 1st, 2025 (20 days ago)