Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24645 |
WordPress Eazy Under Construction Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Scott Eazy Under Construction allows Reflected XSS. This issue affects Eazy Under Construction: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24640 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan-Lucian Stefancu Empty Tags Remover allows Reflected XSS. This issue affects Empty Tags Remover: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24637 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture allows Reflected XSS. This issue affects Beacon Lead Magnets and Lead Capture: from n/a through 1.5.7.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24624 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTech HT Event allows Reflected XSS. This issue affects HT Event: from n/a through 1.4.6.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24621 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes allows Reflected XSS. This issue affects Arconix Shortcodes: from n/a through 2.1.15.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24619 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webheadcoder WP Log Action allows Reflected XSS. This issue affects WP Log Action: from n/a through 0.51.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24586 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitsstech Shipment Tracker for Woocommerce allows Reflected XSS. This issue affects Shipment Tracker for Woocommerce: from n/a through 1.4.23.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24583 |
Description: Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through 3.16.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24581 |
Description: Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24577 |
Description: Missing Authorization vulnerability in Ays Pro Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Poll Maker: from n/a through 5.5.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|