CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22308 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inc2734 Smart Custom Fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through 5.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22306 |
Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.7.7.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22305 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through 1.4.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22304 |
Description: Missing Authorization vulnerability in osamaesh WP Visitor Statistics (Real Time Traffic) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22303 |
Description: Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.17.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22302 |
Description: Missing Authorization vulnerability in WP Wand WP Wand allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through 1.2.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22301 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore: from n/a through 3.5.3.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22300 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager allows Cross Site Request Forgery.This issue affects PixelYourSite – Your smart PIXEL (TAG) Manager: from n/a through 10.0.1.2.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22299 |
Description: Missing Authorization vulnerability in spacecodes AI for SEO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI for SEO: from n/a through 1.2.9.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22298 |
Description: Missing Authorization vulnerability in Hive Support Hive Support – WordPress Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|