CVE-2025-30555
Description: Cross-Site Request Forgery (CSRF) vulnerability in iiiryan WordPres 同步微博 allows Stored XSS. This issue affects WordPres 同步微博: from n/a through 1.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 24th, 2025 (3 months ago)

CVE-2025-30552
Description: Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved allows Stored XSS. This issue affects WordPress Admin Bar Improved: from n/a through 3.3.5.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 24th, 2025 (3 months ago)

CVE-2025-30550
Description: Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r allows Stored XSS. This issue affects CallPhone'r: from n/a through 1.1.1.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 24th, 2025 (3 months ago)

CVE-2025-30525
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare allows SQL Injection. This issue affects WP Profitshare: from n/a through 1.4.9.
CVSS: HIGH (7.6) EPSS Score: 0.04%
March 24th, 2025 (3 months ago)

CVE-2025-30523
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marcel-NL Super Simple Subscriptions allows SQL Injection. This issue affects Super Simple Subscriptions: from n/a through 1.1.0.
CVSS: HIGH (7.6) EPSS Score: 0.04%
March 24th, 2025 (3 months ago)

CVE-2025-30522
Description: Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design allows Stored XSS. This issue affects Contact Form 7 Material Design: from n/a through 1.0.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 24th, 2025 (3 months ago)

CVE-2024-8774
Description: The SIMPLE.ERP client stores the superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a database administrator.
This issue affects SIMPLE.ERP from 6.20 through 6.30. Only the 6.30 version received a patch [email protected], which removed the vulnerability. Versions 6.20 and 6.25 remain unpatched.
CVSS: HIGH (7.7) EPSS Score: 0.04% SSVC Exploitation: none
March 24th, 2025 (3 months ago)

CVE-2024-8773
Description: The SIMPLE.ERP client is vulnerable to an MS SQL protocol downgrade request from the server side, which could lead to unencrypted communication vulnerable to data interception and modification.
This issue affects SIMPLE.ERP from 6.20 to 6.30. Only the 6.30 version received a patch [email protected], which makes it possible for an administrator to enforce encrypted communication. Versions 6.20 and 6.25 remain unpatched.
CVSS: HIGH (8.3) EPSS Score: 0.09% SSVC Exploitation: none
March 24th, 2025 (3 months ago)

CVE-2021-3842
Description:
Nessus Plugin ID 233286 with High Severity
Synopsis
The remote Ubuntu host is missing one or more security updates.
Description
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7365-1 advisory. It was discovered that NLTK contained a regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-3842, CVE-2021-43854)
Tenable has extracted the preceding description block directly from the Ubuntu security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected python-nltk and / or python3-nltk packages.
Read more at https://www.tenable.com/plugins/nessus/233286
CVSS: HIGH (7.5)
March 24th, 2025 (3 months ago)

CVE-2025-29795
Description: Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 0.04%
March 23rd, 2025 (3 months ago)