Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2025-48135
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aptivadadev Aptivada for WP aptivada-for-wp allows DOM-Based XSS.This issue affects Aptivada for WP: from n/a through <= 2.0.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-16
CVE-2025-48136
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Estatik Mortgage Calculator Estatik estatik-mortgage-calculator allows PHP Local File Inclusion.This issue affects Mortgage Calculator Estatik: from n/a through <= 2.0.12.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-05-16
CVE-2025-48137
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in proxymis Interview interview allows SQL Injection.This issue affects Interview: from n/a through <= 1.01.
CVSS Score
8.5
EPSS Score
0.002
Published
2025-05-16
CVE-2025-48138
Missing Authorization vulnerability in Bertha AI &#8211; Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a through <= 1.13.
CVSS Score
4.3
EPSS Score
0.003
Published
2025-05-16
CVE-2025-48144
Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Stored XSS.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-05-16
CVE-2025-48132
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Stored XSS.This issue affects X Addons for Elementor: from n/a through <= 1.0.16.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-16
CVE-2025-39509
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode TNC FlipBook pdf-viewer-for-wordpress allows Stored XSS.This issue affects TNC FlipBook: from n/a through <= 12.1.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-16
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through < 3.11.4.
CVSS Score
9.3
EPSS Score
0.002
Published
2025-05-16
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through < 3.11.4.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-05-16
CVE-2025-39493
Missing Authorization vulnerability in ValvePress Rankie valvepress-rankie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rankie: from n/a through < 1.8.2.
CVSS Score
4.3
EPSS Score
0.002
Published
2025-05-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved