CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24603 |
Description: Missing Authorization vulnerability in UkrSolution Print Barcode Labels for your WooCommerce products/orders. This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through 3.4.10.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24600 |
Description: Missing Authorization vulnerability in David F. Carr RSVPMarker . This issue affects RSVPMarker : from n/a through 11.4.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24590 |
WordPress picu – Online Photo Proofing Gallery plugin <= 2.4.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Haptiq picu – Online Photo Proofing Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects picu – Online Photo Proofing Gallery: from n/a through 2.4.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24584 |
Description: Missing Authorization vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.3.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24540 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd allows Cross Site Request Forgery. This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through 6.18.9.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24538 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in slaFFik BuddyPress Groups Extras allows Cross Site Request Forgery. This issue affects BuddyPress Groups Extras: from n/a through 3.6.10.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24537 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar The Events Calendar allows Cross Site Request Forgery. This issue affects The Events Calendar: from n/a through 6.7.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24533 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsive Slider by MetaSlider allows Cross Site Request Forgery. This issue affects Responsive Slider by MetaSlider: from n/a through 3.92.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-23935 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magic Plugin Factory Magic Google Maps allows Stored XSS.
This issue affects Magic Google Maps: from n/a through 1.0.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-23849 |
Description: Missing Authorization vulnerability in Benjamin Piwowarski PAPERCITE allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PAPERCITE: from n/a through 0.5.18.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|