Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-46509 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrey Mikhalchuk 360 View allows Stored XSS. This issue affects 360 View: from n/a through 1.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46505 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in farinspace Peekaboo allows Stored XSS. This issue affects Peekaboo: from n/a through 1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46503 |
Description: Server-Side Request Forgery (SSRF) vulnerability in josheli Simple Google Photos Grid allows Server Side Request Forgery. This issue affects Simple Google Photos Grid: from n/a through 1.5.
CVSS: MEDIUM (4.9) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46501 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biancardi Mixcloud Embed allows Stored XSS. This issue affects Mixcloud Embed: from n/a through 2.2.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46498 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in nghialuu Zalo Official Live Chat allows Cross Site Request Forgery. This issue affects Zalo Official Live Chat: from n/a through 1.0.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46496 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oniswap Mini twitter feed allows Stored XSS. This issue affects Mini twitter feed: from n/a through 3.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46495 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in tomontoast Drop Caps allows Stored XSS. This issue affects Drop Caps: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.01%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46491 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew Muro Multi-Column Taxonomy List allows Stored XSS. This issue affects Multi-Column Taxonomy List: from n/a through 1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46489 |
Description: Missing Authorization vulnerability in vinodvaswani9 Bulk Assign Linked Products For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bulk Assign Linked Products For WooCommerce: from n/a through 2.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46485 |
Description: Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Customize Login Page: from n/a through 1.6.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 24th, 2025 (about 2 months ago)
|