Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-31400
WordPress WS Audio Player plugin <= 1.1.8 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in icyleaf WS Audio Player allows Stored XSS. This issue affects WS Audio Player: from n/a through 1.1.8.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31399
WordPress CG Scroll To Top plugin <= 3.5 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Chandan Garg CG Scroll To Top allows Stored XSS. This issue affects CG Scroll To Top: from n/a through 3.5.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31395
WordPress Easy Custom CSS plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in a.ankit Easy Custom CSS allows Stored XSS. This issue affects Easy Custom CSS: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31394
WordPress More Mime Type Filters plugin <= 0.3 - CSRF to Stored XSS vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey (trepmal) More Mime Type Filters allows Stored XSS. This issue affects More Mime Type Filters: from n/a through 0.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31393
WordPress Social Bookmarking RELOADED plugin <= 3.18 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in vfvalent Social Bookmarking RELOADED allows Stored XSS. This issue affects Social Bookmarking RELOADED: from n/a through 3.18.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31392
WordPress Smart Product Gallery Slider plugin <= 1.0.4 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Shameem Reza Smart Product Gallery Slider allows Cross Site Request Forgery. This issue affects Smart Product Gallery Slider: from n/a through 1.0.4.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31391
WordPress Script Compressor plugin <= 1.7.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in regen Script Compressor allows Stored XSS. This issue affects Script Compressor: from n/a through 1.7.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31390
WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in bdoga Social Crowd allows Stored XSS. This issue affects Social Crowd: from n/a through 0.9.6.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31388
WordPress The World plugin <= 0.4 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in doa The World allows Stored XSS. This issue affects The World: from n/a through 0.4.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)

CVE-2025-31385
WordPress Site Table of Contents plugin <= 0.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Site Table of Contents allows Stored XSS. This issue affects Site Table of Contents: from n/a through 0.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
April 9th, 2025 (12 days ago)