Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30861 |
Description: Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.6.29.
CVSS: MEDIUM (4.9) EPSS Score: 0.04%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30860 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows DOM-Based XSS. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through 0.5.8.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30859 |
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ali2woo AliNext allows Phishing. This issue affects AliNext: from n/a through 3.5.1.
CVSS: MEDIUM (4.7) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30856 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager allows Cross Site Request Forgery. This issue affects Custom Field For WP Job Manager: from n/a through 1.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30854 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes Generator and Validator with WooCommerce Support allows Cross Site Request Forgery. This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.7.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30851 |
Description: Missing Authorization vulnerability in Tickera Tickera allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through 3.5.5.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30850 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sfaerber Dr. Flex allows Stored XSS. This issue affects Dr. Flex: from n/a through 2.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30847 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashley Novelist allows Stored XSS. This issue affects Novelist: from n/a through 1.2.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30842 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda allows Cross Site Request Forgery. This issue affects Christmas Panda: from n/a through 1.0.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (26 days ago)
|
|
CVE-2025-30839 |
WordPress Taxi Booking Manager for WooCommerce plugin <= 1.2.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.2.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
March 27th, 2025 (26 days ago)
|