Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32176
WordPress Gallery Blocks with Lightbox plugin <= 3.2.5 - Stored Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GalleryCreator Gallery Blocks with Lightbox allows Stored XSS. This issue affects Gallery Blocks with Lightbox: from n/a through 3.2.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32175
WordPress VK Filter Search plugin <= 2.14.1.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vektor,Inc. VK Filter Search allows Stored XSS. This issue affects VK Filter Search: from n/a through 2.14.1.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32174
WordPress Tockify Events Calendar plugin <= 2.2.13 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tockify Tockify Events Calendar allows DOM-Based XSS. This issue affects Tockify Events Calendar: from n/a through 2.2.13.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32173
WordPress B Blocks - The ultimate block collection plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks - The ultimate block collection allows Stored XSS. This issue affects B Blocks - The ultimate block collection: from n/a through 2.0.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32172
WordPress YaMaps for WordPress plugin <= 0.6.31 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yuri Baranov YaMaps for WordPress allows Stored XSS. This issue affects YaMaps for WordPress: from n/a through 0.6.31.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32171
WordPress Table Block by Tableberg – Best WordPress Table Plugin plugin <= 0.6.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imtiaz Rayhan Table Block by Tableberg allows Stored XSS. This issue affects Table Block by Tableberg: from n/a through 0.6.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32170
WordPress Motors plugin <= 1.4.65 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Motors allows Stored XSS. This issue affects Motors: from n/a through 1.4.65.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32169
WordPress Showeblogin Social plugin <= 7.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Prasad Showeblogin Social allows DOM-Based XSS. This issue affects Showeblogin Social: from n/a through 7.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32168
WordPress Gutenify plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify allows Stored XSS. This issue affects Gutenify: from n/a through 1.4.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)

CVE-2025-32167
WordPress SurveyJS plugin <= 1.12.20 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devsoftbaltic SurveyJS allows Stored XSS. This issue affects SurveyJS: from n/a through 1.12.20.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 4th, 2025 (18 days ago)