Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32488 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in آریا وردپرس Aria Font allows Stored XSS. This issue affects Aria Font: from n/a through 1.4.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-32487 |
Description: Server-Side Request Forgery (SSRF) vulnerability in Joe Waymark allows Server Side Request Forgery. This issue affects Waymark: from n/a through 1.5.2.
CVSS: MEDIUM (4.9) EPSS Score: 0.03%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-32485 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Bjoern WP Performance Pack allows Cross Site Request Forgery. This issue affects WP Performance Pack: from n/a through 2.5.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-32483 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Salisbury Request Call Back allows Stored XSS. This issue affects Request Call Back: from n/a through 1.4.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-32381 |
Description: XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to 0.1.18, Xgrammar includes a cache for compiled grammars to increase performance with repeated use of the same grammar. This cache is held in memory. Since the cache is unbounded, a system making use of xgrammar can be abused to fill up a host's memory and case a denial of service. For example, sending many small requests to an LLM inference server with unique JSON schemas would eventually cause this denial of service to occur. This vulnerability is fixed in 0.1.18.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-31042 |
Description: Missing Authorization vulnerability in rtakao Sandwich Adsense allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sandwich Adsense: from n/a through 4.0.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-31035 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Chris WP Editor.md – The Perfect WordPress Markdown Editor allows Stored XSS. This issue affects WP Editor.md – The Perfect WordPress Markdown Editor: from n/a through 10.2.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-31034 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in AboZain Albanna Customize Login Page allows Cross Site Request Forgery. This issue affects Customize Login Page: from n/a through 1.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-31020 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webliberty Simple Spoiler allows Stored XSS. This issue affects Simple Spoiler: from n/a through 1.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 9th, 2025 (13 days ago)
|
|
CVE-2025-31017 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Noakes Nav Menu Manager allows Stored XSS. This issue affects Nav Menu Manager: from n/a through 3.2.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 9th, 2025 (13 days ago)
|