CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-47656 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47655 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in themarketer2023 theMarketer allows Stored XSS. This issue affects theMarketer: from n/a through 1.4.7.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47653 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in tggfref WP-Recall allows PHP Local File Inclusion. This issue affects WP-Recall: from n/a through 16.26.14.
CVSS: HIGH (7.5) EPSS Score: 0.13%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47649 |
Description: Path Traversal vulnerability in ilmosys Open Close WooCommerce Store allows PHP Local File Inclusion. This issue affects Open Close WooCommerce Store: from n/a through 4.9.5.
CVSS: HIGH (8.8) EPSS Score: 0.05%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47648 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in axima Pays – WooCommerce Payment Gateway allows Stored XSS. This issue affects Pays – WooCommerce Payment Gateway: from n/a through 2.6.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47647 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.18.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47644 |
Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form allows Phishing. This issue affects Integrations of Zoho CRM with Elementor form: from n/a through 1.0.7.
CVSS: MEDIUM (4.7) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47643 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX Product Feed for WooCommerce allows SQL Injection. This issue affects ELEX Product Feed for WooCommerce: from n/a through 3.1.2.
CVSS: HIGH (7.6) EPSS Score: 0.04%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47639 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Supertext Supertext Translation and Proofreading allows Stored XSS. This issue affects Supertext Translation and Proofreading: from n/a through 4.25.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 7th, 2025 (about 1 month ago)
|
|
CVE-2025-47638 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarvesh M Rao WP Discord Invite allows Stored XSS. This issue affects WP Discord Invite: from n/a through 2.5.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
May 7th, 2025 (about 1 month ago)
|