Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31868 |
Description: Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31867 |
Description: Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31866 |
Description: Missing Authorization vulnerability in Ship Depot ShipDepot for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ShipDepot for WooCommerce: from n/a through 1.2.19.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31865 |
Description: Missing Authorization vulnerability in CartBoss SMS Abandoned Cart Recovery ✦ CartBoss allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SMS Abandoned Cart Recovery ✦ CartBoss: from n/a through 4.1.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31864 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Out the Box Beam me up Scotty – Back to Top Button allows Stored XSS. This issue affects Beam me up Scotty – Back to Top Button: from n/a through 1.0.23.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31863 |
Description: Missing Authorization vulnerability in inspry Agency Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Agency Toolkit: from n/a through 1.0.23.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31862 |
Description: Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Job Board Manager: from n/a through 2.1.60.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31861 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPOrbit Support Perfect Font Awesome Integration allows Stored XSS. This issue affects Perfect Font Awesome Integration: from n/a through 2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31860 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter allows Stored XSS. This issue affects WP AdCenter: from n/a through 2.5.9.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31859 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Feedbucket Feedbucket – Website Feedback Tool allows Cross Site Request Forgery. This issue affects Feedbucket – Website Feedback Tool: from n/a through 1.0.6.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
April 1st, 2025 (20 days ago)
|