Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31857 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Directorist AddonsKit for Elementor allows Stored XSS. This issue affects Directorist AddonsKit for Elementor: from n/a through 1.1.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31856 |
Description: Missing Authorization vulnerability in brainvireinfo Export All Post Meta allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Export All Post Meta: from n/a through 1.2.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31855 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softnwords SMM API allows Stored XSS. This issue affects SMM API: from n/a through 6.0.27.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31854 |
Description: Missing Authorization vulnerability in Sharaz Shahid Simple Sticky Add To Cart For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Sticky Add To Cart For WooCommerce: from n/a through 1.4.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31853 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erez Hadas-Sonnenschein Smartarget Popup allows Stored XSS. This issue affects Smartarget Popup: from n/a through 1.4.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31852 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in N-Media Bulk Product Sync allows Cross Site Request Forgery. This issue affects Bulk Product Sync: from n/a through 8.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31851 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markkinchin Beds24 Online Booking allows Stored XSS. This issue affects Beds24 Online Booking: from n/a through 2.0.26.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31850 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Stored XSS. This issue affects PDF Generator Addon for Elementor Page Builder: from n/a through 1.7.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31849 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fbtemplates Nemesis All-in-One allows Stored XSS. This issue affects Nemesis All-in-One: from n/a through 1.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31848 |
Description: Missing Authorization vulnerability in WPFactory WordPress Adverts Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Adverts Plugin: from n/a through 1.4.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|