Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31469
WordPress Clear Sucuri Cache <= 1.4 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in webrangers Clear Sucuri Cache allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clear Sucuri Cache: from n/a through 1.4.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31465
WordPress Better Section Navigation Widget <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in cornershop Better Section Navigation Widget allows Stored XSS. This issue affects Better Section Navigation Widget: from n/a through 1.6.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31464
WordPress Text Selection Color <= 1.6 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nazmur Rahman Text Selection Color allows Stored XSS. This issue affects Text Selection Color: from n/a through 1.6.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31463
WordPress TGG WP Optimizer <= 1.22 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Preetinder Singh TGG WP Optimizer allows Stored XSS. This issue affects TGG WP Optimizer: from n/a through 1.22.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31457
WordPress LWS SMS <= 2.4.1 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Aurélien LWS LWS SMS allows Cross Site Request Forgery. This issue affects LWS SMS: from n/a through 2.4.1.

CVSS: MEDIUM (5.4)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31456
WordPress Ultimate Security Checker plugin <= 4.2 - Cross Site Request Forgery (CSRF) to Security Rescan vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker allows Cross Site Request Forgery. This issue affects Ultimate Security Checker: from n/a through 4.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31453
WordPress YouTube SimpleGallery <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stian Andreassen YouTube SimpleGallery allows Stored XSS. This issue affects YouTube SimpleGallery: from n/a through 2.0.6.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31452
WordPress WP Ultimate Search <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mindshare Labs, Inc. WP Ultimate Search allows Stored XSS. This issue affects WP Ultimate Search: from n/a through 2.0.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31451
WordPress wBounce <= 1.8.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kevinweber wBounce allows Stored XSS. This issue affects wBounce: from n/a through 1.8.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)

CVE-2025-31450
WordPress Toggle Box <= 1.6 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phantom.omaga Toggle Box allows Stored XSS. This issue affects Toggle Box: from n/a through 1.6.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (25 days ago)