CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31783 |
WordPress Leartes TRY Exchange Rates Plugin <= 2.1 - Stored Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leartes.NET Leartes TRY Exchange Rates allows Stored XSS. This issue affects Leartes TRY Exchange Rates: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31782 |
Description: Missing Authorization vulnerability in pupunzi mb.YTPlayer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects mb.YTPlayer: from n/a through 3.3.8.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31781 |
Description: Missing Authorization vulnerability in ahmadshyk Gift Cards for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Gift Cards for WooCommerce: from n/a through 1.5.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31780 |
Description: Missing Authorization vulnerability in Andy Stratton Append Content allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Append Content: from n/a through 2.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31779 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Daggerhart Query Wrangler allows Cross Site Request Forgery. This issue affects Query Wrangler: from n/a through 1.5.53.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31778 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raphaelheide Donate Me allows Reflected XSS. This issue affects Donate Me: from n/a through 1.2.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31777 |
Description: Missing Authorization vulnerability in BeastThemes Clockinator Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clockinator Lite: from n/a through 1.0.7.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31776 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Aphotrax Uptime Robot Plugin for WordPress allows Cross Site Request Forgery. This issue affects Uptime Robot Plugin for WordPress: from n/a through 2.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31775 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in smackcoders Google SEO Pressor Snippet allows Cross Site Request Forgery. This issue affects Google SEO Pressor Snippet: from n/a through 2.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31774 |
Description: Missing Authorization vulnerability in WebProtect.ai Astra Security Suite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Astra Security Suite: from n/a through 0.2.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|