CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48247 |
Description: Missing Authorization vulnerability in Blair Williams Shortlinks by Pretty Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortlinks by Pretty Links: from n/a through 3.6.15.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48246 |
Description: Missing Authorization vulnerability in The Events Calendar The Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Events Calendar: from n/a through 6.11.2.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48244 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48243 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.26.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48242 |
Description: Missing Authorization vulnerability in wpWax Legal Pages allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Legal Pages: from n/a through 1.4.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48240 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Cost of Goods for WooCommerce allows Stored XSS. This issue affects Cost of Goods for WooCommerce: from n/a through 3.7.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48239 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce allows Stored XSS. This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/a through 3.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48237 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Wishlist for WooCommerce allows Stored XSS. This issue affects Wishlist for WooCommerce: from n/a through 3.2.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48235 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bogdan Bendziukov WP Image Mask allows DOM-Based XSS. This issue affects WP Image Mask: from n/a through 3.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-48234 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks allows DOM-Based XSS. This issue affects Ultimate Blocks: from n/a through 3.3.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 19th, 2025 (about 1 month ago)
|