Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32693
WordPress WebinarPress <= 1.33.27 - Open Redirection Vulnerability
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPWebinarSystem WebinarPress allows Phishing. This issue affects WebinarPress: from n/a through 1.33.27.

CVSS: MEDIUM (4.7)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32691
WordPress PowerPress Podcasting <= 11.12.4 - Server Side Request Forgery (SSRF) Vulnerability
Description: Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows Server Side Request Forgery. This issue affects PowerPress Podcasting: from n/a through 11.12.4.

CVSS: MEDIUM (4.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32690
WordPress PowerPress Podcasting <= 11.12.4 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Angelo Mandato PowerPress Podcasting allows DOM-Based XSS. This issue affects PowerPress Podcasting: from n/a through 11.12.4.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32684
WordPress MapSVG Lite plugin <= 8.5.32 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in RomanCode MapSVG Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MapSVG Lite: from n/a through 8.5.32.

CVSS: MEDIUM (5.0)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32683
WordPress MapSVG Lite plugin <= 8.5.32 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RomanCode MapSVG Lite allows DOM-Based XSS. This issue affects MapSVG Lite: from n/a through 8.5.32.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32680
WordPress Review Stream plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Grade Us, Inc. Review Stream allows Stored XSS. This issue affects Review Stream: from n/a through 1.6.7.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32679
WordPress User Registration Using Contact Form 7 plugin <= 2.2 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in ZealousWeb User Registration Using Contact Form 7 allows Cross Site Request Forgery. This issue affects User Registration Using Contact Form 7: from n/a through 2.2.

CVSS: MEDIUM (5.4)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32678
WordPress WP Show Stats plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Show Stats allows Cross Site Request Forgery. This issue affects WP Show Stats: from n/a through 1.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32675
WordPress SEO Help plugin <= 6.6.0 - Server Side Request Forgery (SSRF) vulnerability
Description: Server-Side Request Forgery (SSRF) vulnerability in QuantumCloud SEO Help allows Server Side Request Forgery. This issue affects SEO Help: from n/a through 6.6.0.

CVSS: MEDIUM (6.8)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)

CVE-2025-32640
WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor One Click Accessibility allows Stored XSS. This issue affects One Click Accessibility: from n/a through 3.1.0.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (13 days ago)