Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-46254
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through 45.10.0.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46247
Missing Authorization vulnerability in codepeople Appointment Booking Calendar allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Appointment Booking Calendar: from n/a through 1.3.92.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-04-22
CVE-2025-46249
Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor allows Cross Site Request Forgery. This issue affects Simple calendar for Elementor: from n/a through 1.6.4.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46250
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46251
Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikRestaurants Table Reservations and Take-Away allows Cross Site Request Forgery. This issue affects VikRestaurants Table Reservations and Take-Away: from n/a through 1.3.3.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46252
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kofimokome Message Filter for Contact Form 7 allows SQL Injection. This issue affects Message Filter for Contact Form 7: from n/a through 1.6.3.2.
CVSS Score
7.6
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46242
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz allows SQL Injection. This issue affects Watu Quiz: from n/a through 3.4.3.
CVSS Score
7.6
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46243
Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows Cross Site Request Forgery. This issue affects Recover abandoned cart for WooCommerce: from n/a through 2.2.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46244
Missing Authorization vulnerability in Dotstore Advanced Linked Variations for Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Linked Variations for Woocommerce: from n/a through 1.0.3.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-04-22
CVE-2025-46245
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue affects CM Ad Changer: from n/a through 2.0.5.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved