CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31596 |
Description: Missing Authorization vulnerability in Chatwee Chat by Chatwee allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chat by Chatwee: from n/a through 2.1.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31595 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Timeline Event History allows Stored XSS. This issue affects Timeline Event History: from n/a through 3.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31593 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OpenMenu OpenMenu allows Stored XSS. This issue affects OpenMenu: from n/a through 3.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31592 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo Melchiorre Send E-mail allows Stored XSS. This issue affects Send E-mail: from n/a through 1.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31591 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in promoz73 Exit Popup Free allows Stored XSS. This issue affects Exit Popup Free: from n/a through 1.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31590 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denra.com WP Date and Time Shortcode allows Stored XSS. This issue affects WP Date and Time Shortcode: from n/a through 2.6.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31589 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kibru Demeke Ethiopian Calendar allows Stored XSS. This issue affects Ethiopian Calendar: from n/a through 1.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31588 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in elfsight Elfsight Testimonials Slider allows Cross Site Request Forgery. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31587 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elfsight Elfsight Testimonials Slider allows Stored XSS. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31586 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery – Photo Albums Plugin allows Stored XSS. This issue affects Gallery – Photo Albums Plugin: from n/a through 1.3.170.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|