Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31591 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in promoz73 Exit Popup Free allows Stored XSS. This issue affects Exit Popup Free: from n/a through 1.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31590 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denra.com WP Date and Time Shortcode allows Stored XSS. This issue affects WP Date and Time Shortcode: from n/a through 2.6.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31589 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kibru Demeke Ethiopian Calendar allows Stored XSS. This issue affects Ethiopian Calendar: from n/a through 1.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31588 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in elfsight Elfsight Testimonials Slider allows Cross Site Request Forgery. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31587 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elfsight Elfsight Testimonials Slider allows Stored XSS. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31586 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery – Photo Albums Plugin allows Stored XSS. This issue affects Gallery – Photo Albums Plugin: from n/a through 1.3.170.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31584 |
Description: Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31577 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify allows Upload a Web Shell to a Web Server. This issue affects Appointify: from n/a through 1.0.8.
CVSS: MEDIUM (6.6) EPSS Score: 0.05%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31576 |
Description: Missing Authorization vulnerability in Gagan Deep Singh PostmarkApp Email Integrator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PostmarkApp Email Integrator: from n/a through 2.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|
|
CVE-2025-31575 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vasilis Triantafyllou Flag Icons allows Stored XSS. This issue affects Flag Icons: from n/a through 2.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (22 days ago)
|