CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-39509 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode TNC FlipBook allows Stored XSS. This issue affects TNC FlipBook: from n/a through 12.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-39493 |
Description: Missing Authorization vulnerability in ValvePress Rankie allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rankie: from n/a through 1.8.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-39482 |
Description: Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Eventer: from n/a through 3.9.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-32299 |
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themovation QuickCal allows Retrieve Embedded Sensitive Data. This issue affects QuickCal: from n/a through 1.0.15.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-32296 |
Description: Missing Authorization vulnerability in quantumcloud Simple Link Directory Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Link Directory Pro: from n/a through 14.7.3.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-32295 |
Description: Missing Authorization vulnerability in wordpresschef Salon Booking Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon Booking Pro: from n/a through 10.10.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-32180 |
Description: Missing Authorization vulnerability in QuanticaLabs CSS3 Tooltips for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Tooltips for WordPress: from n/a through 1.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-31923 |
Description: Missing Authorization vulnerability in QuanticaLabs CSS3 Accordions for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Accordions for WordPress: from n/a through 3.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-31921 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Ultimate Tours Builder allows Cross Site Request Forgery. This issue affects WP Ultimate Tours Builder: from n/a through 1.055.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 16th, 2025 (about 1 month ago)
|
|
CVE-2025-31915 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder allows Cross Site Request Forgery. This issue affects Pixel WordPress Form BuilderPlugin & Autoresponder: from n/a through 1.0.2.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
May 16th, 2025 (about 1 month ago)
|