Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32216 |
Description: Missing Authorization vulnerability in Spider Themes Spider Elements – Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Spider Elements – Addons for Elementor: from n/a through 1.6.2.
CVSS: MEDIUM (6.4) EPSS Score: 0.04%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32215 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Ability, Inc Accessibility Suite by Online ADA allows Stored XSS. This issue affects Accessibility Suite by Online ADA: from n/a through 4.18.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32214 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support allows Stored XSS. This issue affects Hive Support: from n/a through 1.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32213 |
Description: Missing Authorization vulnerability in flothemesplugins Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Flo Forms: from n/a through 1.0.43.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32212 |
Description: Missing Authorization vulnerability in Specia Theme Specia Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specia Companion: from n/a through 4.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32210 |
WordPress CM Registration and Invitation Codes plugin <= 2.5.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation Codes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Registration and Invitation Codes: from n/a through 2.5.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32209 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in totalprocessing Total processing card payments for WooCommerce allows Path Traversal. This issue affects Total processing card payments for WooCommerce: from n/a through 7.1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32208 |
Description: Missing Authorization vulnerability in Hive Support Hive Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hive Support: from n/a through 1.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32199 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyale-vc Contact Form Builder by vcita. This issue affects Contact Form Builder by vcita: from n/a through 4.10.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|
|
CVE-2025-32198 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themefusecom Brizy. This issue affects Brizy: from n/a through 2.6.14.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (12 days ago)
|