Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22497 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A.H.C. Waasdorp Simple Google Calendar Outlook Events Block Widget allows Stored XSS.This issue affects Simple Google Calendar Outlook Events Block Widget: from n/a through 2.5.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-22496 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarMar8x Notif Bell allows Stored XSS.This issue affects Notif Bell: from n/a through 0.9.8.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-22278 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yudleethemes Whitish Lite allows Stored XSS.This issue affects Whitish Lite: from n/a through 2.1.13.
CVSS: MEDIUM (6.5) EPSS Score: 0.03% SSVC Exploitation: none
March 27th, 2025 (26 days ago)
|
|
CVE-2024-37474 |
Description: Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.06% SSVC Exploitation: none
March 27th, 2025 (26 days ago)
|
|
CVE-2025-26736 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viktoras MorningTime Lite allows Stored XSS.This issue affects MorningTime Lite: from n/a through 1.3.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-26734 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in peregrinethemes Hester allows Stored XSS.This issue affects Hester: from n/a through 1.1.10.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-26732 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BurgerThemes StoreBiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through 1.0.32.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-26731 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARPrice allows Stored XSS.This issue affects ARPrice: from n/a through 4.1.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-22816 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeTrendy Power Mag allows DOM-Based XSS.This issue affects Power Mag: from n/a through 1.1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-22770 |
Description: Missing Authorization vulnerability in EnvoThemes Envo Multipurpose allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Multipurpose: from n/a through 1.1.6.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
March 27th, 2025 (26 days ago)
|