CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-46477 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carlo La Pera WP Customize Login Page allows Stored XSS. This issue affects WP Customize Login Page: from n/a through 1.6.5.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46476 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nayon46 Awesome Wp Image Gallery allows Stored XSS. This issue affects Awesome Wp Image Gallery: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46475 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in terrillthompson Able Player allows DOM-Based XSS. This issue affects Able Player: from n/a through 1.2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46473 |
Description: Deserialization of Untrusted Data vulnerability in djjmz Social Counter allows Object Injection. This issue affects Social Counter: from n/a through 2.0.5.
CVSS: HIGH (7.2) EPSS Score: 0.06%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46472 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons allows Stored XSS. This issue affects The Pack Elementor addons: from n/a through 2.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46471 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gnanavelshenll WP Custom Post Popup allows DOM-Based XSS. This issue affects WP Custom Post Popup: from n/a through 1.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46470 |
Description: Missing Authorization vulnerability in Peter Raschendorfer Smart Hashtags [#hashtagger] allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Smart Hashtags [#hashtagger]: from n/a through 7.2.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46469 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Buddle Send From allows Stored XSS. This issue affects Send From: from n/a through 2.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46467 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rahendra Putra K™ RAphicon allows DOM-Based XSS. This issue affects RAphicon: from n/a through 2.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 24th, 2025 (about 2 months ago)
|
|
CVE-2025-46466 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls allows Stored XSS. This issue affects Modern Polls: from n/a through 1.0.10.
CVSS: HIGH (7.1) EPSS Score: 0.02%
April 24th, 2025 (about 2 months ago)
|