CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31618 |
Description: Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31617 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Gagan Deep Singh PostmarkApp Email Integrator allows Cross Site Request Forgery. This issue affects PostmarkApp Email Integrator: from n/a through 2.4.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31616 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in AdminGeekZ Varnish WordPress allows Cross Site Request Forgery. This issue affects Varnish WordPress: from n/a through 1.7.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31615 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in owenr88 Simple Contact Forms allows Stored XSS. This issue affects Simple Contact Forms: from n/a through 1.6.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31614 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hiroprot Terms Before Download allows Stored XSS. This issue affects Terms Before Download: from n/a through 1.0.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31613 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from n/a through 4.6.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31611 |
Description: Missing Authorization vulnerability in Shaharia Azam Auto Post After Image Upload allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Post After Image Upload: from n/a through 1.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31610 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gingerplugins Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme allows Stored XSS. This issue affects Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme: from n/a through 1.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31609 |
Description: Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCargo Track & Trace: from n/a through 7.0.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31608 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reDim GmbH CookieHint WP allows Stored XSS. This issue affects CookieHint WP: from n/a through 1.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|