Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31847 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themelooks mFolio Lite allows DOM-Based XSS. This issue affects mFolio Lite: from n/a through 1.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31846 |
Description: Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Theater for WordPress: from n/a through 0.18.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31845 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Rohit Choudhary Theme Duplicator allows Cross Site Request Forgery. This issue affects Theme Duplicator: from n/a through 1.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31844 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Blocks allows Stored XSS. This issue affects Magical Blocks: from n/a through 1.0.10.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31843 |
Description: Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for WordPress & WooCommerce: from n/a through 2.1.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31842 |
Description: Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. This issue affects Viral Loops WP Integration: from n/a through 3.4.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31840 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in digireturn Simple Fixed Notice allows Cross Site Request Forgery. This issue affects Simple Fixed Notice: from n/a through 1.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31839 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in digireturn DN Footer Contacts allows Cross Site Request Forgery. This issue affects DN Footer Contacts: from n/a through 1.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31838 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eventbee Eventbee RSVP Widget allows DOM-Based XSS. This issue affects Eventbee RSVP Widget: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31837 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|