Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-39396 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through 2.3.6.
CVSS: HIGH (7.5) EPSS Score: 0.13%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-22287 |
Description: Missing Authorization vulnerability in Eniture Technology LTL Freight Quotes – FreightQuote Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – FreightQuote Edition: from n/a through 2.3.11.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-47583 |
Description: Unauthenticated Cross Site Request Forgery (CSRF) in Salon booking system <= 10.16 versions.
CVSS: MEDIUM (5.4) EPSS Score: 0.02% SSVC Exploitation: none
May 19th, 2025 (21 days ago)
|
|
CVE-2025-47576 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bringthepixel Bimber - Viral Magazine WordPress Theme.This issue affects Bimber - Viral Magazine WordPress Theme: from n/a through 9.2.5.
CVSS: HIGH (8.8) EPSS Score: 0.13% SSVC Exploitation: none
May 19th, 2025 (21 days ago)
|
|
CVE-2025-39394 |
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through 2.1.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-39388 |
Description: Missing Authorization vulnerability in Solid Plugins AnalyticsWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AnalyticsWP: from n/a through 2.0.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-39376 |
Description: Missing Authorization vulnerability in QuanticaLabs Car Park Booking System for WordPress.This issue affects Car Park Booking System for WordPress: from n/a through 2.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-39375 |
WordPress Easy Child Theme Creator plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashok G Easy Child Theme Creator allows Cross Site Request Forgery.This issue affects Easy Child Theme Creator: from n/a through 1.3.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-39374 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in aseem1234 Best Posts Summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 19th, 2025 (21 days ago)
|
|
CVE-2025-39373 |
Description: Missing Authorization vulnerability in jegtheme JNews.This issue affects JNews: from n/a through 11.6.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 19th, 2025 (21 days ago)
|