Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32259
WordPress WP ULike plugin <= 4.7.9.1 - Content Spoofing Vulnerability
Description: Missing Authorization vulnerability in Alimir WP ULike. This issue affects WP ULike: from n/a through 4.7.9.1.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32244
WordPress SEO Help plugin <= 6.6.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in QuantumCloud SEO Help allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SEO Help: from n/a through 6.6.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32243
WordPress Internal Link Optimiser plugin <= 5.1.2 - Settings Change vulnerability
Description: Missing Authorization vulnerability in Toast Plugins Internal Link Optimiser allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Link Optimiser: from n/a through 5.1.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32242
WordPress Hive Support plugin <= 1.2.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Hive Support Hive Support allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Hive Support: from n/a through 1.2.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32240
WordPress Site Notify <= 1.0 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in NotFound Site Notify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Site Notify: from n/a through 1.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32236
WordPress Woocommerce Products Reorder Drag Drop Multiple Sort plugin <= 1.9 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Vagonic Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic. This issue affects Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic: from n/a through 1.9.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32230
WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Themeum Tutor LMS. This issue affects Tutor LMS: from n/a through 3.4.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32228
WordPress Ai Image Alt Text Generator for WP plugin <= 1.0.8 - Sensitive Data Exposure vulnerability
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah Ai Image Alt Text Generator for WP. This issue affects Ai Image Alt Text Generator for WP: from n/a through 1.0.8.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32227
WordPress Asgaros Forum plugin <= 3.0.0 - File Upload Numbers Bypass vulnerability
Description: Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing. This issue affects Asgaros Forum: from n/a through 3.0.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
April 10th, 2025 (12 days ago)

CVE-2025-32221
WordPress EazyDocs plugin <= 2.6.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Spider Themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EazyDocs: from n/a through 2.6.4.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
April 10th, 2025 (12 days ago)