CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31584 |
Description: Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31577 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify allows Upload a Web Shell to a Web Server. This issue affects Appointify: from n/a through 1.0.8.
CVSS: MEDIUM (6.6) EPSS Score: 0.05%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31576 |
Description: Missing Authorization vulnerability in Gagan Deep Singh PostmarkApp Email Integrator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PostmarkApp Email Integrator: from n/a through 2.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31575 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vasilis Triantafyllou Flag Icons allows Stored XSS. This issue affects Flag Icons: from n/a through 2.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31574 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Custom Content Scrollbar allows Stored XSS. This issue affects Custom Content Scrollbar: from n/a through 1.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31572 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in v20202020 Multi Days Events and Multi Events in One Day Calendar allows Cross Site Request Forgery. This issue affects Multi Days Events and Multi Events in One Day Calendar: from n/a through 1.1.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31567 |
WordPress Themesflat Addons For Elementor plugin <= 2.2.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows Stored XSS. This issue affects Themesflat Addons For Elementor: from n/a through 2.2.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31562 |
WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aphotrax Uptime Robot Plugin for WordPress allows DOM-Based XSS. This issue affects Uptime Robot Plugin for WordPress: from n/a through 2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31559 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caspio Bridge Custom Database Applications by Caspio allows DOM-Based XSS. This issue affects Custom Database Applications by Caspio: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31557 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MiKa OSM – OpenStreetMap allows DOM-Based XSS. This issue affects OSM – OpenStreetMap: from n/a through 6.1.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|