Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48269 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48268 |
Description: Missing Authorization vulnerability in Guru Team Bot for Telegram on WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bot for Telegram on WooCommerce: from n/a through 1.2.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48266 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 Active Products Tables for WooCommerce allows Stored XSS. This issue affects Active Products Tables for WooCommerce: from n/a through 1.0.6.8.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48265 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Pektsekye Year Make Model Search for WooCommerce allows Cross Site Request Forgery. This issue affects Year Make Model Search for WooCommerce: from n/a through 1.0.11.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48264 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in artiosmedia Product Code for WooCommerce allows Cross Site Request Forgery. This issue affects Product Code for WooCommerce: from n/a through 1.5.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48263 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX MultiVendorX allows Stored XSS. This issue affects MultiVendorX: from n/a through 4.2.22.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48262 |
Description: Missing Authorization vulnerability in Michael Revellin-Clerc Url Rewrite Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Url Rewrite Analyzer: from n/a through 1.3.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48260 |
Description: Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48259 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico España allows Cross Site Request Forgery. This issue affects WP Mapa Politico España: from n/a through 3.8.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (22 days ago)
|
|
CVE-2025-48258 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jetmonsters Mega Menu Block allows Stored XSS. This issue affects Mega Menu Block: from n/a through 1.0.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (22 days ago)
|