Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-47628
Missing Authorization vulnerability in quomodosoft QS Dark Mode allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QS Dark Mode: from n/a through 3.0.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-07
CVE-2025-47545
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker allows Leveraging Race Conditions. This issue affects Poll Maker: from n/a through 5.7.7.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-05-07
CVE-2025-47546
Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress allows Cross Site Request Forgery. This issue affects WP Compress: from n/a through 6.30.30.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-05-07
CVE-2025-47547
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter allows Stored XSS. This issue affects SendPulse Email Marketing Newsletter: from n/a through 2.1.6.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-07
CVE-2025-47548
Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link Preview For BuddyPress allows Server Side Request Forgery. This issue affects Wbcom Designs - Activity Link Preview For BuddyPress: from n/a through 1.4.4.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-07
CVE-2025-47549
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-05-07
CVE-2025-47550
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload a Web Shell to a Web Server. This issue affects Instantio: from n/a through 3.3.16.
CVSS Score
6.6
EPSS Score
0.001
Published
2025-05-07
CVE-2025-20953
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20954
Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20937
Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved