Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-46245
WordPress CM Ad Changer <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue affects CM Ad Changer: from n/a through 2.0.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46244
WordPress Advanced Linked Variations for Woocommerce <= 1.0.3 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in Dotstore Advanced Linked Variations for Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Linked Variations for Woocommerce: from n/a through 1.0.3.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46243
WordPress Recover abandoned cart for WooCommerce <= 2.2 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows Cross Site Request Forgery. This issue affects Recover abandoned cart for WooCommerce: from n/a through 2.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46240
WordPress Simple Download Counter <= 2.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Simple Download Counter allows Stored XSS. This issue affects Simple Download Counter: from n/a through 2.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46239
WordPress Theme Switcha <= 3.4 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Theme Switcha allows Stored XSS. This issue affects Theme Switcha: from n/a through 3.4.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46238
WordPress List Last Changes <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rbaer List Last Changes allows Stored XSS. This issue affects List Last Changes: from n/a through 1.2.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46237
WordPress Link Library <= 7.8 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Stored XSS. This issue affects Link Library: from n/a through 7.8.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46236
WordPress HTML Forms <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46235
WordPress SKT Blocks – Gutenberg based Page Builder <= 2.0 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg based Page Builder allows Stored XSS. This issue affects SKT Blocks – Gutenberg based Page Builder: from n/a through 2.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2025-46233
WordPress Sirv <= 7.5.3 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sirv CDN and Image Hosting Sirv allows Stored XSS. This issue affects Sirv: from n/a through 7.5.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 22nd, 2025 (about 2 months ago)