Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-47591 |
Description: Missing Authorization vulnerability in CreedAlly Bulk Featured Image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bulk Featured Image: from n/a through 1.2.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47590 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in John Dagelmore WPSpeed allows Cross Site Request Forgery. This issue affects WPSpeed: from n/a through 2.6.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47589 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in motov.net Ebook Store allows DOM-Based XSS. This issue affects Ebook Store: from n/a through 5.8007.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47551 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in ctltwp Wiki Embed allows Cross Site Request Forgery. This issue affects Wiki Embed: from n/a through 1.4.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47550 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload a Web Shell to a Web Server. This issue affects Instantio: from n/a through 3.3.16.
CVSS: MEDIUM (6.6) EPSS Score: 0.06%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47548 |
Description: Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link Preview For BuddyPress allows Server Side Request Forgery. This issue affects Wbcom Designs - Activity Link Preview For BuddyPress: from n/a through 1.4.4.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47547 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter allows Stored XSS. This issue affects SendPulse Email Marketing Newsletter: from n/a through 2.1.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47545 |
Description: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker allows Leveraging Race Conditions. This issue affects Poll Maker: from n/a through 5.7.7.
CVSS: MEDIUM (5.3) EPSS Score: 0.06%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47543 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in themetechmount TrueBooker allows Cross Site Request Forgery. This issue affects TrueBooker: from n/a through 1.0.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47542 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor allows Cross Site Request Forgery. This issue affects Simple calendar for Elementor: from n/a through 1.6.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|