CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-50028 |
Description: Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Push Notifications: from n/a through 1.1.9.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-49884 |
WordPress Internal Linking of Related Contents plugin <= 1.1.8 - Broken Access Control Vulnerability
Description: Missing Authorization vulnerability in alexvtn Internal Linking of Related Contents allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Linking of Related Contents: from n/a through 1.1.8.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-49319 |
Description: Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist for WooCommerce: from n/a through 3.2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-48339 |
Description: Missing Authorization vulnerability in activity-log.com Profiler - What Slowing Down Your WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Profiler - What Slowing Down Your WP: from n/a through 1.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-30959 |
Description: Missing Authorization vulnerability in WPFactory Product XML Feed Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product XML Feed Manager for WooCommerce: from n/a through 2.9.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-54051 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LightBox Block allows Stored XSS. This issue affects LightBox Block: from n/a through 1.1.30.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-54050 |
WordPress Responsive Addons for Elementor plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Addons for Elementor allows Stored XSS. This issue affects Responsive Addons for Elementor: from n/a through 1.7.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-54047 |
Description: Missing Authorization vulnerability in QuanticaLabs Cost Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cost Calculator: from n/a through 7.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-54042 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site Request Forgery. This issue affects WP Post Hide: from n/a through 1.0.9.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
July 16th, 2025 (1 day ago)
|
|
CVE-2025-54041 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows Cross Site Request Forgery. This issue affects Wallet System for WooCommerce: from n/a through 2.6.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
July 16th, 2025 (1 day ago)
|