CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-47659 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements allows Stored XSS. This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through 1.0.4.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47656 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47647 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.18.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47644 |
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form allows Phishing. This issue affects Integrations of Zoho CRM with Elementor form: from n/a through 1.0.7.
CVSS: MEDIUM (4.7) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47638 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarvesh M Rao WP Discord Invite allows Stored XSS. This issue affects WP Discord Invite: from n/a through 2.5.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47635 |
Description: Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress allows Server Side Request Forgery. This issue affects WebinarPress: from n/a through 1.33.27.
CVSS: MEDIUM (5.5) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47633 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Awin Awin – Advertiser Tracking for WooCommerce allows Cross Site Request Forgery. This issue affects Awin – Advertiser Tracking for WooCommerce: from n/a through 2.0.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47632 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raihanul Islam Awesome Gallery allows Stored XSS. This issue affects Awesome Gallery: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47630 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney Ajax Load More allows Stored XSS. This issue affects Ajax Load More: from n/a through 7.3.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 2 months ago)
|
|
CVE-2025-47628 |
Description: Missing Authorization vulnerability in quomodosoft QS Dark Mode allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QS Dark Mode: from n/a through 3.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 7th, 2025 (about 2 months ago)
|