CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-47546 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress allows Cross Site Request Forgery. This issue affects WP Compress: from n/a through 6.30.30.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47544 |
WordPress Dynamic Pricing With Discount Rules for WooCommerce <= 4.5.8 - SQL Injection Vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce allows Blind SQL Injection. This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through 4.5.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47538 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce allows SQL Injection. This issue affects Cart tracking for WooCommerce: from n/a through 1.0.17.
CVSS: HIGH (7.6) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47537 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in add-ons.org PDF Invoices for WooCommerce + Drag and Drop Template Builder allows SQL Injection. This issue affects PDF Invoices for WooCommerce + Drag and Drop Template Builder: from n/a through 5.3.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47533 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design Graphina allows PHP Local File Inclusion. This issue affects Graphina: from n/a through 3.0.4.
CVSS: HIGH (8.1) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47531 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes XT Event Widget for Social Events allows PHP Local File Inclusion. This issue affects XT Event Widget for Social Events: from n/a through 1.1.7.
CVSS: HIGH (7.5) EPSS Score: 0.13%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47517 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal allows Stored XSS. This issue affects Accept Donations with PayPal: from n/a through 1.4.5.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47514 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Eli ELI's Related Posts Footer Links and Widget allows Stored XSS. This issue affects ELI's Related Posts Footer Links and Widget: from n/a through 1.2.04.20.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47510 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fullworks Display Eventbrite Events allows PHP Local File Inclusion. This issue affects Display Eventbrite Events: from n/a through n/a.
CVSS: HIGH (7.5) EPSS Score: 0.13%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47508 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ruben Garcia GamiPress allows PHP Local File Inclusion. This issue affects GamiPress: from n/a through 7.3.7.
CVSS: HIGH (7.5) EPSS Score: 0.13%
May 7th, 2025 (about 1 month ago)
|