Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31532
WordPress AtomChat plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team AtomChat AtomChat allows Stored XSS. This issue affects AtomChat: from n/a through 1.1.6.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31530
WordPress Google SEO Pressor Snippet plugin <= 2.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in smackcoders Google SEO Pressor Snippet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Google SEO Pressor Snippet: from n/a through 2.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31529
WordPress Slider Path for Elementor plugin <= 3.0.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Rashid Slider Path for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slider Path for Elementor: from n/a through 3.0.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31528
WordPress StaticPress plugin <= 0.4.5 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in wokamoto StaticPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaticPress: from n/a through 0.4.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31527
WordPress WP Link Preview plugin <= 1.4.1 - Server Side Request Forgery (SSRF) vulnerability
Description: Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side Request Forgery. This issue affects WP Link Preview: from n/a through 1.4.1.

CVSS: MEDIUM (6.4)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31419
WordPress Churel plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeix Churel allows DOM-Based XSS.This issue affects Churel: from n/a through 1.0.8.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-30963
WordPress JetSmartFilters plugin <= 3.6.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters allows DOM-Based XSS.This issue affects JetSmartFilters: from n/a through 3.6.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31386
WordPress Simple:Press plugin <= 6.10.11 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Simplepress Simple:Press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple:Press: from n/a through 6.10.11.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31376
WordPress NanoSupport plugin <= 0.6.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Mayeenul Islam NanoSupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through 0.6.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-30961
WordPress Trackserver plugin <= 5.0.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tinuzz Trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through 5.0.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)