Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-39556 |
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel allows Retrieve Embedded Sensitive Data. This issue affects Mediavine Control Panel: from n/a through 2.10.6.
CVSS: MEDIUM (5.3) EPSS Score: 0.03%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39555 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin allows Stored XSS. This issue affects Church Admin: from n/a through 5.0.23.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39552 |
Description: Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zephyr Project Manager: from n/a through 3.3.200.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39549 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in whiletrue Most And Least Read Posts Widget allows Stored XSS. This issue affects Most And Least Read Posts Widget: from n/a through 2.5.20.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39548 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Right Click Disable OR Ban allows Stored XSS. This issue affects Right Click Disable OR Ban: from n/a through 1.1.17.
CVSS: HIGH (7.1) EPSS Score: 0.01%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39547 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Internal Link Optimiser allows Stored XSS. This issue affects Internal Link Optimiser: from n/a through 5.1.3.
CVSS: HIGH (7.1) EPSS Score: 0.01%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39546 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor allows Cross Site Request Forgery. This issue affects ElementsReady Addons for Elementor: from n/a through 6.6.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.01%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39545 |
Description: Missing Authorization vulnerability in miniOrange WordPress REST API Authentication allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress REST API Authentication: from n/a through 3.6.3.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39544 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi WP Tools allows Path Traversal. This issue affects WP Tools: from n/a through 5.18.
CVSS: HIGH (7.4) EPSS Score: 0.02%
April 16th, 2025 (4 days ago)
|
|
CVE-2025-39543 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS. This issue affects Royal Elementor Addons: from n/a through 1.3.977.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 16th, 2025 (4 days ago)
|