CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31822 |
Description: Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Simple HTML Sitemap: from n/a through 3.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31821 |
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integration of Zoho CRM and Contact Form 7 allows Phishing. This issue affects Integration of Zoho CRM and Contact Form 7: from n/a through 1.0.6.
CVSS: MEDIUM (4.7) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31820 |
Description: Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through 1.2.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31818 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ContentBot.ai ContentBot AI Writer allows Stored XSS. This issue affects ContentBot AI Writer: from n/a through 1.2.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31817 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWheels BlockWheels allows DOM-Based XSS. This issue affects BlockWheels: from n/a through 1.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31816 |
Description: Missing Authorization vulnerability in pietro Mobile App Canvas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile App Canvas: from n/a through 3.8.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31815 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devscred Design Blocks allows Stored XSS. This issue affects Design Blocks: from n/a through 1.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31814 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in OwnerRez OwnerRez allows Cross Site Request Forgery. This issue affects OwnerRez: from n/a through 1.2.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31813 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Website366.com WPSHARE247 Elementor Addons allows Stored XSS. This issue affects WPSHARE247 Elementor Addons: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31812 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only allows Stored XSS. This issue affects BuddyPress Members Only: from n/a through 3.5.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|