Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-26736
WordPress MorningTime Lite theme <= 1.3.2 - Stored Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viktoras MorningTime Lite allows Stored XSS.This issue affects MorningTime Lite: from n/a through 1.3.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-26734
WordPress Hester plugin <= 1.1.10 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in peregrinethemes Hester allows Stored XSS.This issue affects Hester: from n/a through 1.1.10.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-26732
WordPress StoreBiz plugin <= 1.0.32 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BurgerThemes StoreBiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through 1.0.32.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-26731
WordPress ARPrice plugin <= 4.1.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARPrice allows Stored XSS.This issue affects ARPrice: from n/a through 4.1.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-22816
WordPress Power Mag theme <= 1.1.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeTrendy Power Mag allows DOM-Based XSS.This issue affects Power Mag: from n/a through 1.1.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-22770
WordPress Envo Multipurpose theme <= 1.1.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in EnvoThemes Envo Multipurpose allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Multipurpose: from n/a through 1.1.6.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-22673
WordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WPFactory EAN for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through 5.3.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-22672
WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability
Description: Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member allows Server Side Request Forgery.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through 1.1.2.

CVSS: MEDIUM (4.9)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-22671
WordPress Disable Elementor Editor Translation plugin <= 1.0.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through 1.0.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (26 days ago)

CVE-2025-22670
WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.7.2 - CSRF to Settings Change vulnerability
Description: Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.7.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
March 27th, 2025 (26 days ago)