CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30589 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Flickr set slideshows allows SQL Injection. This issue affects Flickr set slideshows: from n/a through 0.9.
CVSS: HIGH (8.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30579 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jakeii Pesapal Gateway for Woocommerce allows Reflected XSS. This issue affects Pesapal Gateway for Woocommerce: from n/a through 2.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30563 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Tidekey allows Reflected XSS. This issue affects Tidekey: from n/a through 1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30559 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Kento WordPress Stats allows Stored XSS. This issue affects Kento WordPress Stats: from n/a through 1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30548 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VarDump s.r.l. Advanced Post Search allows Reflected XSS. This issue affects Advanced Post Search: from n/a through 1.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30547 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Tufts WP Cards allows Reflected XSS. This issue affects WP Cards: from n/a through 1.5.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30544 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound OK Poster Group allows Reflected XSS. This issue affects OK Poster Group: from n/a through 1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-30520 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in crosstec Breezing Forms allows Reflected XSS. This issue affects Breezing Forms: from n/a through 1.2.8.11.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-22277 |
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos allows Authentication Abuse. This issue affects Vitepos: from n/a through 3.1.4.
CVSS: HIGH (8.8) EPSS Score: 0.06%
April 1st, 2025 (3 months ago)
|
|
CVE-2024-13567 |
Description: The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.3.1 via the 'awesome-support' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/awesome-support directory which can contain file attachments included in support tickets. The vulnerability was partially patched in version 6.3.1.
CVSS: HIGH (7.5) EPSS Score: 0.05%
April 1st, 2025 (3 months ago)
|