Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32495
WordPress Waymark <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Waymark allows Stored XSS. This issue affects Waymark: from n/a through 1.5.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32494
WordPress reCAPTCHA Jetpack <= 0.2.2 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in bozdoz reCAPTCHA Jetpack allows Cross Site Request Forgery. This issue affects reCAPTCHA Jetpack: from n/a through 0.2.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32493
WordPress BP Social Connect <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes BP Social Connect allows Stored XSS. This issue affects BP Social Connect: from n/a through 1.6.2.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32492
WordPress Admin Menu Post List <= 2.0.7 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eliot Akira Admin Menu Post List allows Stored XSS. This issue affects Admin Menu Post List: from n/a through 2.0.7.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32489
WordPress Wetterwarner <= 2.7.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Wetterwarner allows Stored XSS. This issue affects Wetterwarner: from n/a through 2.7.2.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32488
WordPress Aria Font <= 1.4 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in آریا وردپرس Aria Font allows Stored XSS. This issue affects Aria Font: from n/a through 1.4.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32487
WordPress Waymark <= 1.5.2 - Server Side Request Forgery (SSRF) Vulnerability
Description: Server-Side Request Forgery (SSRF) vulnerability in Joe Waymark allows Server Side Request Forgery. This issue affects Waymark: from n/a through 1.5.2.

CVSS: MEDIUM (4.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32485
WordPress WP Performance Pack <= 2.5.4 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Bjoern WP Performance Pack allows Cross Site Request Forgery. This issue affects WP Performance Pack: from n/a through 2.5.4.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32484
WordPress WP-Planification – WP-Planning plugin <= 2.3.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WP-Planification allows Stored XSS. This issue affects WP-Planification: from n/a through 2.3.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-32483
WordPress Request Call Back <= 1.4.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Salisbury Request Call Back allows Stored XSS. This issue affects Request Call Back: from n/a through 1.4.1.

CVSS: MEDIUM (5.9)

EPSS Score: 0.03%

Source: CVE
April 9th, 2025 (12 days ago)