Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31603
WordPress CF7 Spreadsheets plugin <= 2.3.2 - Settings Change vulnerability
Description: Missing Authorization vulnerability in moshensky CF7 Spreadsheets allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 Spreadsheets: from n/a through 2.3.2.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31602
WordPress Apimo Connector plugin <= 2.6.3.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in apimofficiel Apimo Connector allows Cross Site Request Forgery. This issue affects Apimo Connector: from n/a through 2.6.3.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31601
WordPress Appointy Appointment Scheduler plugin <= 4.2.1 - CSRF to Settings Change vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in appointy Appointy Appointment Scheduler allows Cross Site Request Forgery. This issue affects Appointy Appointment Scheduler: from n/a through 4.2.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.02%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31600
WordPress DesignO plugin <= 2.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in designnbuy DesignO allows Cross Site Request Forgery. This issue affects DesignO: from n/a through 2.2.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31598
WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.0 - Stored Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce allows Stored XSS. This issue affects Quantity Dynamic Pricing & Bulk Discounts for WooCommerce: from n/a through 4.0.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31597
WordPress Ultimate Live Cricket WordPress Lite plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in crazycric Ultimate Live Cricket WordPress Lite allows Stored XSS. This issue affects Ultimate Live Cricket WordPress Lite: from n/a through 1.4.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31596
WordPress Chat by Chatwee plugin <= 2.1.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Chatwee Chat by Chatwee allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chat by Chatwee: from n/a through 2.1.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31595
WordPress Timeline Event History plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Timeline Event History allows Stored XSS. This issue affects Timeline Event History: from n/a through 3.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31593
WordPress OpenMenu plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OpenMenu OpenMenu allows Stored XSS. This issue affects OpenMenu: from n/a through 3.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31592
WordPress Send E-mail plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo Melchiorre Send E-mail allows Stored XSS. This issue affects Send E-mail: from n/a through 1.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)