Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32241
WordPress Official CleverReach WooCommerce Integration Plugin <= 3.4.3 - CSRF to Settings Change vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in CleverReach® Official CleverReach Plugin for WooCommerce allows Cross Site Request Forgery. This issue affects Official CleverReach Plugin for WooCommerce: from n/a through 3.4.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.02%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32239
WordPress Social Share Buttons & Analytics Plugin plugin <= 4.5 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social Share Buttons & Analytics Plugin – GetSocial.io: from n/a through 4.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32238
WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.2 - Sensitive Data Exposure vulnerability
Description: Generation of Error Message Containing Sensitive Information vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Retrieve Embedded Sensitive Data. This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.5.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32237
WordPress MasterStudy LMS plugin <= 3.5.23 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Stylemix MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MasterStudy LMS: from n/a through 3.5.23.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32235
WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.9.4.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32234
WordPress AdMail plugin <= 1.7.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in aleswebs AdMail – Multilingual Back in-Stock Notifier for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AdMail – Multilingual Back in-Stock Notifier for WooCommerce: from n/a through 1.7.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32233
WordPress Revive.so <= 2.0.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WP Chill Revive.so – Bulk Rewrite and Republish Blog Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Revive.so – Bulk Rewrite and Republish Blog Posts: from n/a through 2.0.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32232
WordPress StaffList plugin <= 3.2.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in ERA404 StaffList allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaffList: from n/a through 3.2.6.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32231
WordPress Bookingor plugin <= 1.0.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Bookingor Bookingor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bookingor: from n/a through 1.0.6.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32229
WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Bowo Variable Inspector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Variable Inspector: from n/a through 2.6.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)