CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-25098 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz Links in Captions allows Stored XSS. This issue affects Links in Captions: from n/a through 1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25097 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kwiliarty External Video For Everybody allows Stored XSS. This issue affects External Video For Everybody: from n/a through 2.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25096 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titusbicknell RSS in Page allows Stored XSS. This issue affects RSS in Page: from n/a through 2.9.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25095 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reverbnationdev ReverbNation Widgets allows Stored XSS. This issue affects ReverbNation Widgets: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25094 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amitythemes.com Breaking News Ticker allows Stored XSS. This issue affects Breaking News Ticker: from n/a through 2.4.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25093 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper allows Path Traversal. This issue affects Child Themes Helper: from n/a through 2.2.7.
CVSS: MEDIUM (6.1) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25091 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zackdesign NextGen Cooliris Gallery allows Stored XSS. This issue affects NextGen Cooliris Gallery: from n/a through 0.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25085 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matt_mcbrien WP SimpleWeather allows Stored XSS. This issue affects WP SimpleWeather: from n/a through 0.2.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25082 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Chirkov FlexIDX Home Search allows Stored XSS. This issue affects FlexIDX Home Search: from n/a through 2.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25081 |
Description: Missing Authorization vulnerability in DeannaS Embed RSS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Embed RSS: from n/a through 3.1.
CVSS: MEDIUM (4.2) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|