CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-4154 |
Description: A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this issue is some unknown functionality of the file /admin/enrollment-details.php. The manipulation of the argument Status leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine kritische Schwachstelle wurde in PHPGurukul Pre-School Enrollment System 1.0 entdeckt. Es geht hierbei um eine nicht näher spezifizierte Funktion der Datei /admin/enrollment-details.php. Mittels Manipulieren des Arguments Status mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (5.3) EPSS Score: 0.03% SSVC Exploitation: poc
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-4143 |
Description: The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirect_uri was on the allowed list of redirect URIs for the given client registration.
Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/26 https://github.com/cloudflare/workers-oauth-provider/pull/26
Impact:
Under certain circumstances (see below), if a victim had previously authorized with a server built on workers-oath-provider, and an attacker could later trick the victim into visiting a malicious web site, then attacker could potentially steal the victim's credentials to the same OAuth server and subsequently impersonate them.
In order for the attack to be possible, the OAuth server's authorized callback must be designed to auto-approve authorizations that appear to come from an OAuth client that the victim has authorized previously. The authorization flow is not implemented by workers-oauth-provider; it is up to the application built on top to decide whether to implement such automatic re-authorization. However, many applications do implement such logic.
Note: It is a basic, well-known requirement that OAuth servers should verify that the redirect URI is among the allowed list for the client, both during the authorization flow and subsequently when exchanging the authorization code for an access token. workers-oauth-provider implemented only the latter check, not the former. Unfortu...
CVSS: MEDIUM (6.0) EPSS Score: 0.01% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-4100 |
Description: The Nautic Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'np_marinetraffic_map' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: MEDIUM (6.4) EPSS Score: 0.03% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-4099 |
Description: The List Children plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'list_children' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: MEDIUM (6.4) EPSS Score: 0.03% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-3890 |
Description: The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' shortcode in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: MEDIUM (6.4) EPSS Score: 0.03% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-3889 |
Description: The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'process_payment_data' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the quantity of a product to a negative number, which subtracts the product cost from the total order cost. The attack will only work with Manual Checkout mode, as PayPal and Stripe will not process payments for a negative quantity.
CVSS: MEDIUM (5.3) EPSS Score: 0.04% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-3874 |
Description: The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it possible for unauthenticated attackers to access customer shopping carts and edit product links, add or delete products, and discover coupon codes.
CVSS: MEDIUM (6.5) EPSS Score: 0.1% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-3521 |
Description: The Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social Link icons in all versions up to, and including, 3.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: MEDIUM (6.4) EPSS Score: 0.03% SSVC Exploitation: none
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-3503 |
Description: The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS: MEDIUM (4.8) EPSS Score: 0.03% SSVC Exploitation: poc
May 1st, 2025 (about 2 months ago)
|
|
CVE-2025-25016 |
Description: Unrestricted file upload in Kibana allows an authenticated attacker to compromise software integrity by uploading a crafted malicious file due to insufficient server-side validation.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 1st, 2025 (about 2 months ago)
|