Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32928 |
Description: Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-32927 |
Description: Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery allows Object Injection.This issue affects FoodBakery: from n/a through 3.3.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-32926 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeGoods Grand Restaurant WordPress allows Path Traversal.This issue affects Grand Restaurant WordPress: from n/a through 7.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.06%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-32925 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FantasticPlugins SUMO Reward Points allows PHP Local File Inclusion.This issue affects SUMO Reward Points: from n/a through 30.7.0.
CVSS: HIGH (8.3) EPSS Score: 0.11%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-32924 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp Revy allows SQL Injection.This issue affects Revy: from n/a through 2.1.
CVSS: HIGH (8.5) EPSS Score: 0.03%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-31027 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0.
CVSS: HIGH (7.1) EPSS Score: 0.03%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-47582 |
Description: Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.05% SSVC Exploitation: none
May 19th, 2025 (21 days ago)
|
|
CVE-2025-47581 |
Description: Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar Registration & Tickets allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through 2.6.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.05% SSVC Exploitation: none
May 19th, 2025 (21 days ago)
|
|
CVE-2025-47577 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a through 2.9.2.
CVSS: CRITICAL (10.0) EPSS Score: 0.06% SSVC Exploitation: none
May 19th, 2025 (21 days ago)
|
|
CVE-2025-43839 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shanebp BP Messages Tool allows Reflected XSS.This issue affects BP Messages Tool: from n/a through 2.2.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
May 19th, 2025 (21 days ago)
|