Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-30781
WordPress Scheduled & Automatic Order Status Controller for WooCommerce <= 3.7.1 - Open Redirection Vulnerability
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce allows Phishing. This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from n/a through 3.7.1.

CVSS: MEDIUM (4.7)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30780
WordPress Audio Album <= 1.5.0 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cubecolour Audio Album allows Stored XSS. This issue affects Audio Album: from n/a through 1.5.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30779
WordPress Doneren met Mollie <= 2.10.7 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Doneren met Mollie allows Stored XSS. This issue affects Doneren met Mollie: from n/a through 2.10.7.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30777
WordPress Support Genix <= 1.4.11 - Insecure Direct Object References (IDOR) Vulnerability
Description: Authorization Bypass Through User-Controlled Key vulnerability in PalsCode Support Genix allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Support Genix: from n/a through 1.4.11.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30776
WordPress Sitekit <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Sitekit allows Stored XSS. This issue affects Sitekit: from n/a through 1.8.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30771
WordPress WP Cassify <= 2.3.5 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alain-Aymerick FRANCOIS WP Cassify allows DOM-Based XSS. This issue affects WP Cassify: from n/a through 2.3.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30770
WordPress Charitable <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable allows DOM-Based XSS. This issue affects Charitable: from n/a through 1.8.4.7.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30768
WordPress jAlbum Bridge <= 2.0.18 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mlaza jAlbum Bridge allows Stored XSS. This issue affects jAlbum Bridge: from n/a through 2.0.18.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30767
WordPress PDF for WPForms plugin <= 5.3.0 - Arbitrary Shortcode Execution vulnerability
Description: Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.3.0.

CVSS: MEDIUM (5.4)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)

CVE-2025-30766
WordPress Happy Addons for Elementor <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyMonster Happy Addons for Elementor allows DOM-Based XSS. This issue affects Happy Addons for Elementor: from n/a through 3.16.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
March 27th, 2025 (27 days ago)