Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48288 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor allows Stored XSS. This issue affects ElementInvader Addons for Elementor: from n/a through 1.3.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48285 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in sbouey Falang multilanguage allows Cross Site Request Forgery. This issue affects Falang multilanguage: from n/a through 1.3.61.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48284 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in shohei.tanaka Japanized For WooCommerce allows Cross Site Request Forgery. This issue affects Japanized For WooCommerce: from n/a through 2.6.40.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48282 |
Description: Missing Authorization vulnerability in Majestic Support Majestic Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Majestic Support: from n/a through 1.1.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48280 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ruben Garcia AutomatorWP allows Blind SQL Injection. This issue affects AutomatorWP: from n/a through 5.2.1.3.
CVSS: HIGH (7.6) EPSS Score: 0.04%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48278 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in davidfcarr RSVPMarker allows SQL Injection. This issue affects RSVPMarker : from n/a through 11.5.6.
CVSS: HIGH (8.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48277 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.74.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48276 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through 45.11.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48272 |
Description: Missing Authorization vulnerability in wpjobportal WP Job Portal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Job Portal: from n/a through 2.3.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48270 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks allows DOM-Based XSS. This issue affects SKT Blocks: from n/a through 2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|