CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24701 |
Description: Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chained Quiz allows Server Side Request Forgery. This issue affects Chained Quiz: from n/a through 1.3.2.9.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24698 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in G5Theme Essential Real Estate allows Cross Site Request Forgery. This issue affects Essential Real Estate: from n/a through 5.1.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24696 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Blocks allows Cross Site Request Forgery. This issue affects Attire Blocks: from n/a through 1.9.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24695 |
Description: Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server Side Request Forgery. This issue affects Extensions For CF7: from n/a through 3.2.0.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24693 |
Description: Missing Authorization vulnerability in Yehi Advanced Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Notifications: from n/a through 1.2.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24691 |
Description: Missing Authorization vulnerability in Gagan Sandhu , Enej Bajgoric , CTLT DEV, UBC People Lists allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects People Lists: from n/a through 1.3.10.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24687 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lars Wallenborn Show/Hide Shortcode allows Stored XSS. This issue affects Show/Hide Shortcode: from n/a through 1.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24682 |
Description: Missing Authorization vulnerability in mikemmx Super Block Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Block Slider: from n/a through 2.7.9.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24681 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Product Carousel Slider & Grid Ultimate for WooCommerce allows Stored XSS. This issue affects Product Carousel Slider & Grid Ultimate for WooCommerce: from n/a through 1.10.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24679 |
Description: Missing Authorization vulnerability in webraketen Internal Links Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Links Manager: from n/a through 2.5.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|