Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31824 |
Description: Server-Side Request Forgery (SSRF) vulnerability in Wombat Plugins WP Optin Wheel allows Server Side Request Forgery. This issue affects WP Optin Wheel: from n/a through 1.4.7.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31823 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpoperations WPoperation Elementor Addons allows Stored XSS. This issue affects WPoperation Elementor Addons: from n/a through 1.1.9.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31822 |
Description: Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Simple HTML Sitemap: from n/a through 3.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31821 |
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integration of Zoho CRM and Contact Form 7 allows Phishing. This issue affects Integration of Zoho CRM and Contact Form 7: from n/a through 1.0.6.
CVSS: MEDIUM (4.7) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31820 |
Description: Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through 1.2.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31818 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ContentBot.ai ContentBot AI Writer allows Stored XSS. This issue affects ContentBot AI Writer: from n/a through 1.2.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31817 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWheels BlockWheels allows DOM-Based XSS. This issue affects BlockWheels: from n/a through 1.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31816 |
Description: Missing Authorization vulnerability in pietro Mobile App Canvas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile App Canvas: from n/a through 3.8.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31815 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devscred Design Blocks allows Stored XSS. This issue affects Design Blocks: from n/a through 1.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (20 days ago)
|
|
CVE-2025-31814 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in OwnerRez OwnerRez allows Cross Site Request Forgery. This issue affects OwnerRez: from n/a through 1.2.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (20 days ago)
|