CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: Check out NIST’s comprehensive taxonomy of cyberattacks against AI systems, along with mitigation recommendations. Plus, organizations have another cryptographic algorithm for protecting data against future quantum attacks. And get the latest on the IngressNightmare vulnerabilities, and on cyber risks impacting commercial satellites and domain registrars.

Dive into five things that are top of mind for the week ending March 28.

1 - NIST categorizes attacks against AI systems, offers mitigations

Organizations deploying artificial intelligence (AI) systems must be prepared to defend them against cyberattacks — not a simple task.

Recognizing this challenge, the U.S. government this week published a report to help organizations identify, address and manage cyber risks faced by AI systems.

Titled “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations (NIST AI 100-2)” and published by the U.S. National Institute of Standards and Technology, the 127-page report also offers:

- A taxonomy of adversarial machine-learning (AML) attacks, such as evasion, poisoning, and privacy attacks against both predictive AI systems and generative AI systems; and of AML attacks targeting learning methods.
- Potential mitigations against AML attacks and their limitations
- Standardized AML terminology, along with an index and a glossary

“Despite the significant progress of AI and machine learning in different application domains, these technologies remain vulnerable to attacks,” reads ...

CVSS: HIGH (8.8)

EPSS Score: 4.82%

Source: Tenable Blog
March 28th, 2025 (3 months ago)

CVE-2025-31466

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Falcon Solutions Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 1.0.

CVSS: HIGH (8.5)

EPSS Score: 0.03%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31460

Description: Cross-Site Request Forgery (CSRF) vulnerability in danielmuldernl OmniLeads Scripts and Tags Manager allows Stored XSS. This issue affects OmniLeads Scripts and Tags Manager: from n/a through 1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31459

Description: Cross-Site Request Forgery (CSRF) vulnerability in PasqualePuzio Login Alert allows Stored XSS. This issue affects Login Alert: from n/a through 0.2.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31458

Description: Cross-Site Request Forgery (CSRF) vulnerability in forsgren Video Embedder allows Stored XSS. This issue affects Video Embedder: from n/a through 1.7.1.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31449

Description: Cross-Site Request Forgery (CSRF) vulnerability in EricH The Visitor Counter allows Stored XSS. This issue affects The Visitor Counter: from n/a through 1.4.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31444

Description: Cross-Site Request Forgery (CSRF) vulnerability in youtag ShowTime Slideshow allows Stored XSS. This issue affects ShowTime Slideshow: from n/a through 1.6.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31443

Description: Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Furtak KK I Like It allows Stored XSS. This issue affects KK I Like It: from n/a through 1.7.5.3.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31440

Description: Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Terms of Use allows Stored XSS. This issue affects Terms of Use: from n/a through 2.0.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)

CVE-2025-31435

Description: Cross-Site Request Forgery (CSRF) vulnerability in Efficient Scripts Microblog Poster allows Stored XSS. This issue affects Microblog Poster: from n/a through 2.1.6.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 28th, 2025 (3 months ago)