Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-43013
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
Description: In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible

CVSS: MEDIUM (6.9)

EPSS Score: 0.0%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-43012
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
Description: In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible

CVSS: HIGH (8.3)

EPSS Score: 0.0%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-42921
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
Description: In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin

CVSS: MEDIUM (4.2)

EPSS Score: 0.0%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39596
WordPress Quentn WP <= 1.2.8 - Privilege Escalation Vulnerability
Description: Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This issue affects Quentn WP: from n/a through 1.2.8.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39595
WordPress Quentn WP <= 1.2.8 - SQL Injection Vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Quentn.com GmbH Quentn WP allows SQL Injection. This issue affects Quentn WP: from n/a through 1.2.8.

CVSS: CRITICAL (9.3)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39594
WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Arigato Autoresponder and Newsletter allows Reflected XSS. This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.4.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39588
WordPress Ultimate Store Kit Elementor Addons <= 2.4.0 - Deserialization of untrusted data Vulnerability
Description: Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39587
WordPress Cost Calculator Builder <= 3.2.65 - SQL Injection Vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix Cost Calculator Builder allows SQL Injection. This issue affects Cost Calculator Builder: from n/a through 3.2.65.

CVSS: CRITICAL (9.3)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39586
WordPress ProfileGrid <= 5.9.4.8 - SQL Injection Vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows SQL Injection. This issue affects ProfileGrid : from n/a through 5.9.4.8.

CVSS: HIGH (8.5)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (2 days ago)

CVE-2025-39583
WordPress BERTHA AI <= 1.12.10.2 - Arbitrary Content Deletion Vulnerability
Description: Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BERTHA AI: from n/a through 1.12.10.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
April 17th, 2025 (2 days ago)