Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-46445 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pReya External Markdown allows Stored XSS. This issue affects External Markdown: from n/a through 0.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46443 |
Description: Server-Side Request Forgery (SSRF) vulnerability in Adam Pery Animate allows Server Side Request Forgery. This issue affects Animate: from n/a through 0.5.
CVSS: MEDIUM (4.9) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46438 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in warmwhisky GTDB Guitar Tuners allows Stored XSS. This issue affects GTDB Guitar Tuners: from n/a through 4.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46436 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sebastian Echeverry SCSS-Library allows Cross Site Request Forgery. This issue affects SCSS-Library: from n/a through 0.4.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46261 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting allows Stored XSS. This issue affects Seriously Simple Podcasting: from n/a through 3.9.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46260 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor allows Stored XSS. This issue affects Sky Addons for Elementor: from n/a through 3.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-39404 |
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share allows Phishing. This issue affects Sassy Social Share: from n/a through 3.3.73.
CVSS: MEDIUM (4.7) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-39390 |
Description: Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Booking and Rental Manager: from n/a through 2.3.8.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-39385 |
Description: Missing Authorization vulnerability in VW Themes Sirat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sirat: from n/a through 1.5.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2024-24884 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.08% SSVC Exploitation: none
April 24th, 2025 (about 2 months ago)
|