Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-47540 |
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail allows Retrieve Embedded Sensitive Data. This issue affects weMail: from n/a through 1.14.13.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47528 |
Description: Missing Authorization vulnerability in pewilliams Ovation Elements allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ovation Elements: from n/a through 1.1.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47526 |
Description: Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Variation Swatches for WooCommerce: from n/a through 3.0.4.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47525 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through 5.3.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47524 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karim42 Quran multilanguage Text & Audio allows Stored XSS. This issue affects Quran multilanguage Text & Audio: from n/a through 2.3.23.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47523 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Lukáš Hartmann Seznam Webmaster allows Cross Site Request Forgery. This issue affects Seznam Webmaster: from n/a through 1.4.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47522 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AWEOS GmbH AWEOS WP Lock allows Stored XSS. This issue affects AWEOS WP Lock: from n/a through 1.4.8.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47521 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery allows Stored XSS. This issue affects Robo Gallery: from n/a through 5.0.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47520 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable allows Stored XSS. This issue affects Charitable: from n/a through 1.8.5.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47519 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal Events allows Cross Site Request Forgery. This issue affects Easy PayPal Events: from n/a through 1.2.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|