Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Kaye Lifestyle Homes
Since its establishment in 1985, Kaye Lifestyle Homes has built a vast number of homes for families, bringing happiness and satisfaction to thousands of homeowners. With more than 4,000 unique homes under our belt, we take pride in being the leading family-owned home builder in Southwest Florida. Our homes are tailored to fit the lifestyle of each family, and we are delighted to hear how our clientsā homes have exceeded their expectations.Geo: USA - Leak size: 521 GB Archive - Contains: Files, SQL, Exchange
April 17th, 2025 (5 days ago)
|
CVE-2025-3615 |
Description: The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form-submission.js script in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: MEDIUM (6.4) EPSS Score: 0.03%
April 17th, 2025 (5 days ago)
|
|
CVE-2025-3113 |
Description: A valid, authenticated user with sufficient privileges and who is aware of Continuous Complianceās internal database configurations can leverage the applicationās built-in Connector functionality to access Continuous Complianceās internal database. This allows the user to explore the internal database schema and export its data, including the properties of Connecters and Rule Sets.
CVSS: CRITICAL (9.0) EPSS Score: 0.04%
April 17th, 2025 (5 days ago)
|
|
CVE-2025-2903 |
Description: An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform (GCP) using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious software, and disrupt or disable the functionality of the VM.
CVSS: HIGH (8.5) EPSS Score: 0.02%
April 17th, 2025 (5 days ago)
|
|
|
Description: Ever Tech Instrumental(ETI) has been a professional technologies agent in FPD industry over two decades. We are dedicated to importing SEMI/FPD related materials and equipments , New advanced materials, Optical and Analytical instruments from Japan and Korea.- Database- Financial documents- Personal information of employees and clients https://en.evertech.com.tw/
April 17th, 2025 (5 days ago)
|
|
|
Description: In times when transversality and multifunctionality are seen as assets that seemingly reinforce the quality of the professional services offered, at VIĆUELAS ABOGADOS, since our inception in 1987, we have presented ourselves as what we are and what we want to continue to be: A LAW FIRM.Our objective is none other than to defend our clients' interests in the legal field, avoiding actions that transcend and exceed the scope of our knowledge and experience.- Legal information of clients- Database- Financial documents- Personal information of employees and clients https://www.xn--viuelasabogados-zqb.es/
April 17th, 2025 (5 days ago)
|
|
CVE-2025-3295 |
Description: The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive information.
CVSS: MEDIUM (4.9) EPSS Score: 0.04%
April 17th, 2025 (5 days ago)
|
|
CVE-2025-3294 |
Description: The WP Editor plugin for WordPress is vulnerable to arbitrary file update due to missing file path validation in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to overwrite arbitrary files on the affected site's server which may make remote code execution possible assuming the files can be written to by the web server.
CVSS: HIGH (7.2) EPSS Score: 0.17%
April 17th, 2025 (5 days ago)
|
|
CVE-2025-1525 |
Description: The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
EPSS Score: 0.03%
April 17th, 2025 (5 days ago)
|
|
CVE-2025-1524 |
Description: The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
EPSS Score: 0.03%
April 17th, 2025 (5 days ago)
|