Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-30821
WordPress SNORDIAN's H5PxAPIkatchu plugin <= 0.4.14 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through 0.4.14.

CVSS: MEDIUM (5.3)

EPSS Score: 0.05%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30818
WordPress jAlbum Bridge plugin <= 2.0.17 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mlaza jAlbum Bridge allows DOM-Based XSS. This issue affects jAlbum Bridge: from n/a through 2.0.17.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30817
WordPress Z Companion plugin <= 1.0.13 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in wpzita Z Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Z Companion: from n/a through 1.0.13.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30816
WordPress publish post email notification plugin <= 1.0.2.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification allows Cross Site Request Forgery. This issue affects publish post email notification: from n/a through 1.0.2.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30815
WordPress Hesabfa Accounting plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows Cross Site Request Forgery. This issue affects Hesabfa Accounting: from n/a through 2.1.8.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30813
WordPress Listamester plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a through 2.3.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30812
WordPress SKT Addons for Elementor plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Addons for Elementor allows Stored XSS. This issue affects SKT Addons for Elementor: from n/a through 3.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30811
WordPress ValidateCertify plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross Site Request Forgery. This issue affects ValidateCertify: from n/a through 1.6.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30809
WordPress WordPress Contact Form, Drag and Drop Form Builder Plugin – Live Forms plugin <= 4.8.4 - Settings Change vulnerability
Description: Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Live Forms: from n/a through 4.8.4.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30805
WordPress Flexible Cookies plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Cookies allows Cross Site Request Forgery. This issue affects Flexible Cookies: from n/a through 1.1.8.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 27th, 2025 (27 days ago)