CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31810 |
Description: Missing Authorization vulnerability in PickPlugins Question Answer allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Question Answer: from n/a through 1.2.70.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31809 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31808 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31807 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31806 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uSystems Webling allows Stored XSS. This issue affects Webling: from n/a through 3.9.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31805 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Systems Gutena Kit – Gutenberg Blocks and Templates allows Stored XSS. This issue affects Gutena Kit – Gutenberg Blocks and Templates: from n/a through 2.0.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31804 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DraftPress Team Follow Us Badges allows Stored XSS. This issue affects Follow Us Badges: from n/a through 3.1.11.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31803 |
WordPress Turisbook Booking System plugin <= 1.3.7 - Stored Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neteuro Turisbook Booking System allows Stored XSS. This issue affects Turisbook Booking System: from n/a through 1.3.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31802 |
Description: Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shiptimize for WooCommerce: from n/a through 3.1.86.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)
|
|
CVE-2025-31801 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks allows Reflected XSS. This issue affects MX Time Zone Clocks: from n/a through 5.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 1st, 2025 (3 months ago)
|