Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24577 |
Description: Missing Authorization vulnerability in Ays Pro Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Poll Maker: from n/a through 5.5.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24553 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akadrama Shipping with Venipak for WooCommerce allows Reflected XSS. This issue affects Shipping with Venipak for WooCommerce: from n/a through 1.22.3.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24550 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JobScore Job Manager allows Stored XSS. This issue affects Job Manager: from n/a through 2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24548 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Autoglot Autoglot – Automatic WordPress Translation allows Reflected XSS. This issue affects Autoglot – Automatic WordPress Translation: from n/a through 2.4.7.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-24539 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in debounce DeBounce Email Validator allows Reflected XSS. This issue affects DeBounce Email Validator: from n/a through 5.6.5.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-23958 |
Description: Missing Authorization vulnerability in FADI MED Editor Wysiwyg Background Color allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Editor Wysiwyg Background Color: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-23906 |
Description: Missing Authorization vulnerability in wpseek WordPress Dashboard Tweeter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Dashboard Tweeter: from n/a through 1.3.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-23858 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hiren Patel Custom Users Order allows Reflected XSS. This issue affects Custom Users Order: from n/a through 4.2.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-23855 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyljp SpiderDisplay allows Reflected XSS. This issue affects SpiderDisplay: from n/a through 1.9.1.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|
|
CVE-2025-23782 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TotalSuite TotalContest Lite allows Reflected XSS. This issue affects TotalContest Lite: from n/a through 2.8.1.
CVSS: HIGH (7.1) EPSS Score: 0.03%
April 17th, 2025 (3 days ago)
|