CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26991 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS. This issue affects WPPizza: from n/a through 3.19.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26987 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps allows Reflected XSS. This issue affects Frontend Admin by DynamiApps: from n/a through 3.25.17.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26985 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Majestic Support Majestic Support allows PHP Local File Inclusion. This issue affects Majestic Support: from n/a through 1.0.6.
CVSS: HIGH (8.1) EPSS Score: 0.14%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26981 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accessiBe Web Accessibility By accessiBe allows Reflected XSS. This issue affects Web Accessibility By accessiBe: from n/a through 2.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26979 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FunnelKit Funnel Builder by FunnelKit allows PHP Local File Inclusion. This issue affects Funnel Builder by FunnelKit: from n/a through 3.9.0.
CVSS: HIGH (7.5) EPSS Score: 0.11%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26971 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ays-pro Poll Maker allows Blind SQL Injection. This issue affects Poll Maker: from n/a through 5.6.5.
CVSS: HIGH (7.6) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26964 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter Eventin allows PHP Local File Inclusion. This issue affects Eventin: from n/a through 4.0.20.
CVSS: HIGH (7.5) EPSS Score: 0.12% SSVC Exploitation: none
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26957 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Deetronix Affiliate Coupons allows PHP Local File Inclusion. This issue affects Affiliate Coupons: from n/a through 1.7.3.
CVSS: HIGH (7.5) EPSS Score: 0.12%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26946 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jgwhite33 WP Yelp Review Slider allows Blind SQL Injection. This issue affects WP Yelp Review Slider: from n/a through 8.1.
CVSS: HIGH (7.6) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
|
CVE-2025-26935 |
Description: Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.2.8.
CVSS: HIGH (7.5) EPSS Score: 0.06%
February 25th, 2025 (4 months ago)
|