CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30856 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager allows Cross Site Request Forgery. This issue affects Custom Field For WP Job Manager: from n/a through 1.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30854 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes Generator and Validator with WooCommerce Support allows Cross Site Request Forgery. This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.7.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30851 |
Description: Missing Authorization vulnerability in Tickera Tickera allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through 3.5.5.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30850 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sfaerber Dr. Flex allows Stored XSS. This issue affects Dr. Flex: from n/a through 2.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30847 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashley Novelist allows Stored XSS. This issue affects Novelist: from n/a through 1.2.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30842 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda allows Cross Site Request Forgery. This issue affects Christmas Panda: from n/a through 1.0.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30839 |
WordPress Taxi Booking Manager for WooCommerce plugin <= 1.2.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.2.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30838 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS. This issue affects Cozy Blocks: from n/a through 2.1.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30836 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LatePoint LatePoint allows Stored XSS. This issue affects LatePoint: from n/a through 5.1.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30833 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.8.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|