CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30912 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through 6.1.2.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30909 |
Description: Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Conversios.io: from n/a through 7.2.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30907 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SecuPress SecuPress Free allows DOM-Based XSS. This issue affects SecuPress Free: from n/a through 2.2.5.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30904 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Chartify allows Stored XSS. This issue affects Chartify: from n/a through 3.1.7.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30903 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Mills SyntaxHighlighter Evolved allows DOM-Based XSS. This issue affects SyntaxHighlighter Evolved: from n/a through 3.7.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30900 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30899 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Stored XSS. This issue affects User Registration: from n/a through 4.0.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30898 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahdi Yousefi [MahdiY] افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری) allows Stored XSS. This issue affects افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری): from n/a through 4.2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30897 |
Description: Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Analytify: from n/a through 5.5.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30896 |
Description: Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP ERP: from n/a through 1.13.4.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
March 27th, 2025 (3 months ago)
|