CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31030 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jbhovik Ray Enterprise Translation allows PHP Local File Inclusion. This issue affects Ray Enterprise Translation: from n/a through 1.7.0.
CVSS: HIGH (7.5) EPSS Score: 0.11%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-31018 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FireDrum FireDrum Email Marketing allows Reflected XSS. This issue affects FireDrum Email Marketing: from n/a through 1.64.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-31006 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arete-it Activity Reactions For Buddypress allows Reflected XSS. This issue affects Activity Reactions For Buddypress: from n/a through 1.0.22.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27354 |
WordPress Simple Email Subscriber plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phil88530 Simple Email Subscriber allows Reflected XSS. This issue affects Simple Email Subscriber: from n/a through 2.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27346 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gerrygooner Rebuild Permalinks allows Reflected XSS. This issue affects Rebuild Permalinks: from n/a through 1.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27345 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro allows Reflected XSS. This issue affects Booking Ultra Pro: from n/a through 1.1.19.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27343 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop WooCommerce HTML5 Video allows Reflected XSS. This issue affects WooCommerce HTML5 Video: from n/a through 1.7.10.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27338 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in graphems List Urls allows Reflected XSS. This issue affects List Urls: from n/a through 0.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27337 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kontur Fontsampler allows Reflected XSS. This issue affects Fontsampler: from n/a through 0.4.14.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|
|
CVE-2025-27333 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alvego Protected wp-login allows Reflected XSS. This issue affects Protected wp-login: from n/a through 2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 17th, 2025 (2 months ago)
|