Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-39600
WordPress Integration for WooCommerce and QuickBooks <= 1.3.1 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for WooCommerce and QuickBooks allows Cross Site Request Forgery. This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.3.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.01%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39599
WordPress Listdom <= 4.0.0 - Open Redirection Vulnerability
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Webilia Inc. Listdom allows Phishing. This issue affects Listdom: from n/a through 4.0.0.

CVSS: MEDIUM (4.7)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39598
WordPress Administrator Z <= 2025.03.28 - Directory Traversal Vulnerability
Description: Path Traversal vulnerability in Quý Lê 91 Administrator Z allows Path Traversal. This issue affects Administrator Z: from n/a through 2025.03.28.

CVSS: MEDIUM (4.9)

EPSS Score: 0.04%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39597
WordPress Fast eBay Listings <= 2.12.15 - Open Redirection Vulnerability
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Arthur Yarwood Fast eBay Listings allows Phishing. This issue affects Fast eBay Listings: from n/a through 2.12.15.

CVSS: MEDIUM (4.7)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39593
WordPress Ever Accounting <= 2.1.5 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever Accounting allows Cross Site Request Forgery. This issue affects Ever Accounting: from n/a through 2.1.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.01%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39591
WordPress WP Subscription Forms <= 1.2.3 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in WP Shuffle WP Subscription Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Subscription Forms: from n/a through 1.2.3.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39590
WordPress Essential Addons for Elementor <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS. This issue affects Essential Addons for Elementor: from n/a through 6.1.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39589
WordPress Essential Addons for Elementor <= 6.1.9 - Sensitive Data Exposure Vulnerability
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Essential Addons for Elementor: from n/a through 6.1.9.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39585
WordPress Travelfic Toolkit <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Travelfic Toolkit allows Stored XSS. This issue affects Travelfic Toolkit: from n/a through 1.2.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)

CVE-2025-39582
WordPress WP Data Access <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Passionate Programmer Peter WP Data Access allows DOM-Based XSS. This issue affects WP Data Access: from n/a through 5.5.36.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (3 days ago)