Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-39428
WordPress Gravity Forms CSS Themes with Fontawesome and Placeholders plugin <= 8.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders allows Stored XSS. This issue affects Gravity Forms CSS Themes with Fontawesome and Placeholders: from n/a through 8.5.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39427
WordPress WP Post to PDF Enhanced plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beth Tucker Long WP Post to PDF Enhanced allows Stored XSS. This issue affects WP Post to PDF Enhanced: from n/a through 1.1.1.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39426
WordPress illow – Cookies Consent plugin <= 0.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in illow illow – Cookies Consent allows Cross Site Request Forgery. This issue affects illow – Cookies Consent: from n/a through 0.2.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39425
WordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in pixelgrade Style Manager allows Cross Site Request Forgery. This issue affects Style Manager: from n/a through 2.2.7.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39424
WordPress Simple Maps plugin <= 0.98 - CSRF to XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps allows Stored XSS. This issue affects Simple Maps: from n/a through 0.98.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39423
WordPress Add to Header plugin <= 1.0 - CSRF to XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Jenst Add to Header allows Stored XSS. This issue affects Add to Header: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39422
WordPress WP Social Bookmarking plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in PResponsive WP Social Bookmarking allows Stored XSS. This issue affects WP Social Bookmarking: from n/a through 3.6.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39421
WordPress WP Sticky Side Buttons plugin <= 2.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mustafa KUCUK WP Sticky Side Buttons allows Stored XSS. This issue affects WP Sticky Side Buttons: from n/a through 2.1.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39420
WordPress WP Twitter Button plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ruudkok WP Twitter Button allows Stored XSS. This issue affects WP Twitter Button: from n/a through 1.4.1.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)

CVE-2025-39419
WordPress Revision Diet plugin <= 1.0.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in David Miller Revision Diet allows Stored XSS. This issue affects Revision Diet: from n/a through 1.0.1.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (3 days ago)