CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-13055	Dyn Business Panel <= 1.0.0 - Reflected XSS Description: The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-13052	Dental Optimizer Patient Generator App <= 1.0 - Reflected XSS Description: The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-12774	Altra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRF Description: The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-12773	Altra Side Menu <= 2.0 - Admin+ SQL Injection Description: The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-0874	Coredns: cd bit response is cached and served later Description: A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching. EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
	Daily Dose of Dark Web Informer - January 27th, 2025 Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts. Source: DarkWebInformer January 27th, 2025 (5 months ago)
	Memos to Federal Employees Were Written By People With Ties to Project 2025, Metadata Shows Description: James Sherk and Noah Peters appear as the authors of memos sent by the Office of Personnel Management. Source: 404 Media January 27th, 2025 (5 months ago)
	For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code Description: Malware writing is only one of the several malicious activities that adversaries can use the new, uncensored generative AI chatbot. Source: Dark Reading January 27th, 2025 (5 months ago)
	Change Healthcare Breach Impact Doubles to 190M People Description: One of the largest data breaches in history was apparently twice as impactful as previously thought, with PII belonging to hundreds of millions of people sitting in the hands of cybercriminals. Source: Dark Reading January 27th, 2025 (5 months ago)
	Spectral Capital Files Quantum Cybersecurity Patent Source: Dark Reading January 27th, 2025 (5 months ago)