Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-39444

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maxfoundry MaxButtons allows Stored XSS. This issue affects MaxButtons: from n/a through 9.8.3.

CVSS: MEDIUM (5.9)

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39443

Description: Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.9.0.

CVSS: MEDIUM (4.3)

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39442

Description: Cross-Site Request Forgery (CSRF) vulnerability in MessageMetric Review Wave – Google Places Reviews allows Stored XSS. This issue affects Review Wave – Google Places Reviews: from n/a through 1.4.7.

CVSS: HIGH (7.1)

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39441

Description: Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Dashboard Notepads allows Stored XSS. This issue affects Dashboard Notepads: from n/a through 1.2.1.

CVSS: HIGH (7.1)

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39440

Description: Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Broken Links Remover allows Stored XSS. This issue affects Broken Links Remover: from n/a through 1.2.2.

CVSS: HIGH (7.1)

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39439

Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Markus Drubba wpLike2Get allows Retrieve Embedded Sensitive Data. This issue affects wpLike2Get: from n/a through 1.2.9.

CVSS: MEDIUM (5.3)

SSVC Exploitation: none

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39438

Description: Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3.

CVSS: MEDIUM (4.3)

SSVC Exploitation: none

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39437

Description: Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery. This issue affects Anthologize: from n/a through 0.8.3.

CVSS: MEDIUM (4.3)

SSVC Exploitation: none

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39436

Description: Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using Malicious Files. This issue affects I Draw: from n/a through 1.0.

CVSS: CRITICAL (9.1)

SSVC Exploitation: none

Source: CVE
April 17th, 2025 (about 3 hours ago)

CVE-2025-39435

Description: Cross-Site Request Forgery (CSRF) vulnerability in davidfcarr My Marginalia allows Stored XSS. This issue affects My Marginalia: from n/a through 1.0.6.

CVSS: HIGH (7.1)

Source: CVE
April 17th, 2025 (about 3 hours ago)