Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31879
WordPress Barcode Generator for WooCommerce plugin <= 2.0.4 - Settings Change vulnerability
Description: Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Barcode Generator for WooCommerce: from n/a through 2.0.4.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31878
WordPress UPC/EAN/GTIN Code Generator plugin <= 2.0.2 - Settings Change vulnerability
Description: Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects UPC/EAN/GTIN Code Generator: from n/a through 2.0.2.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31877
WordPress RestroPress plugin <= 3.1.8.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Magnigenie RestroPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RestroPress: from n/a through 3.1.8.4.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31875
WordPress FancyPost plugin <= 6.0.1 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluginic FancyPost allows DOM-Based XSS. This issue affects FancyPost: from n/a through 6.0.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31874
WordPress WebberZone Snippetz plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay WebberZone Snippetz allows Stored XSS. This issue affects WebberZone Snippetz: from n/a through 2.1.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31873
WordPress SheetDB Plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sheetdb SheetDB allows Stored XSS. This issue affects SheetDB: from n/a through 1.3.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31872
WordPress WP Clone any post type Plugin <= 3.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Clone any post type: from n/a through 3.4.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31871
WordPress WP Clone any post type Plugin <= 3.4 - Open Redirect vulnerability
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Galaxy Weblinks WP Clone any post type allows Phishing. This issue affects WP Clone any post type: from n/a through 3.4.

CVSS: MEDIUM (4.7)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31870
WordPress WP AutoKeyword plugin <= 1.0 - Arbitrary Content Deletion vulnerability
Description: Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP AutoKeyword: from n/a through 1.0.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 1st, 2025 (20 days ago)

CVE-2025-31869
WordPress Black Widgets For Elementor plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS. This issue affects Black Widgets For Elementor: from n/a through 1.3.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 1st, 2025 (20 days ago)