CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32120 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erick Danzer Easy Query – WP Query Builder allows Blind SQL Injection. This issue affects Easy Query – WP Query Builder: from n/a through 2.0.4.
CVSS: HIGH (7.6) EPSS Score: 0.04%
April 4th, 2025 (2 months ago)
|
|
CVE-2025-32113 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas allows Cross Site Request Forgery. This issue affects Libro de Reclamaciones y Quejas: from n/a through 0.9.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 4th, 2025 (2 months ago)
|
|
CVE-2025-32112 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.1.8.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 4th, 2025 (2 months ago)
|
|
CVE-2025-31418 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
April 4th, 2025 (2 months ago)
|
|
CVE-2025-31416 |
WordPress Awesome Event Booking plugin <= 2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through 2.8.4.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
April 4th, 2025 (2 months ago)
|
|
CVE-2025-31405 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zankover Fami WooCommerce Compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through 1.0.5.
CVSS: HIGH (7.5) EPSS Score: 0.11% SSVC Exploitation: none
April 4th, 2025 (2 months ago)
|
|
CVE-2025-31389 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sequel.Io Sequel allows Reflected XSS.This issue affects Sequel: from n/a through 1.0.11.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 4th, 2025 (2 months ago)
|
|
CVE-2025-31384 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 4th, 2025 (2 months ago)
|
|
CVE-2025-31420 |
Description: Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.4.2.
CVSS: HIGH (7.6) EPSS Score: 0.04%
April 4th, 2025 (2 months ago)
|
|
CVE-2025-22282 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EPC ez Form Calculator - WordPress plugin allows Reflected XSS.This issue affects ez Form Calculator - WordPress plugin: from n/a through 2.14.1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 4th, 2025 (2 months ago)
|