Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32228 |
WordPress Ai Image Alt Text Generator for WP plugin <= 1.0.8 - Sensitive Data Exposure vulnerability
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah Ai Image Alt Text Generator for WP. This issue affects Ai Image Alt Text Generator for WP: from n/a through 1.0.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32227 |
Description: Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing. This issue affects Asgaros Forum: from n/a through 3.0.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32221 |
Description: Missing Authorization vulnerability in Spider Themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EazyDocs: from n/a through 2.6.4.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32216 |
Description: Missing Authorization vulnerability in Spider Themes Spider Elements – Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Spider Elements – Addons for Elementor: from n/a through 1.6.2.
CVSS: MEDIUM (6.4) EPSS Score: 0.04%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32215 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Ability, Inc Accessibility Suite by Online ADA allows Stored XSS. This issue affects Accessibility Suite by Online ADA: from n/a through 4.18.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32214 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support allows Stored XSS. This issue affects Hive Support: from n/a through 1.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32213 |
Description: Missing Authorization vulnerability in flothemesplugins Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Flo Forms: from n/a through 1.0.43.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32212 |
Description: Missing Authorization vulnerability in Specia Theme Specia Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specia Companion: from n/a through 4.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32210 |
WordPress CM Registration and Invitation Codes plugin <= 2.5.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation Codes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Registration and Invitation Codes: from n/a through 2.5.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 10th, 2025 (11 days ago)
|
|
CVE-2025-32209 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in totalprocessing Total processing card payments for WooCommerce allows Path Traversal. This issue affects Total processing card payments for WooCommerce: from n/a through 7.1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
April 10th, 2025 (11 days ago)
|