Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31538
WordPress Checklist plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in checklistcom Checklist allows Stored XSS. This issue affects Checklist: from n/a through 1.1.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31535
WordPress Simple Owl Carousel plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Owl Carousel allows DOM-Based XSS. This issue affects Simple Owl Carousel: from n/a through 1.1.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31533
WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3.

CVSS: MEDIUM (5.3)

EPSS Score: 0.05%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31532
WordPress AtomChat plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team AtomChat AtomChat allows Stored XSS. This issue affects AtomChat: from n/a through 1.1.6.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31530
WordPress Google SEO Pressor Snippet plugin <= 2.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in smackcoders Google SEO Pressor Snippet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Google SEO Pressor Snippet: from n/a through 2.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31529
WordPress Slider Path for Elementor plugin <= 3.0.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Rashid Slider Path for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slider Path for Elementor: from n/a through 3.0.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31528
WordPress StaticPress plugin <= 0.4.5 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in wokamoto StaticPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaticPress: from n/a through 0.4.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31527
WordPress WP Link Preview plugin <= 1.4.1 - Server Side Request Forgery (SSRF) vulnerability
Description: Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side Request Forgery. This issue affects WP Link Preview: from n/a through 1.4.1.

CVSS: MEDIUM (6.4)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-31419
WordPress Churel plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeix Churel allows DOM-Based XSS.This issue affects Churel: from n/a through 1.0.8.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)

CVE-2025-30963
WordPress JetSmartFilters plugin <= 3.6.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters allows DOM-Based XSS.This issue affects JetSmartFilters: from n/a through 3.6.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 31st, 2025 (22 days ago)