CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-23771 |
Description: Missing Authorization vulnerability in Murali Push Notification for Post and BuddyPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Push Notification for Post and BuddyPress: from n/a through 2.11.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23766 |
Description: Missing Authorization vulnerability in ashamil OPSI Israel Domestic Shipments allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OPSI Israel Domestic Shipments: from n/a through 2.6.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23751 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Data Dash allows Reflected XSS. This issue affects Data Dash: from n/a through 1.2.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23750 |
WordPress Custom Widget Creator plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devbunchuk Custom Widget Creator allows Reflected XSS. This issue affects Custom Widget Creator: from n/a through 1.0.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23748 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Singsys -Awesome Gallery allows Reflected XSS. This issue affects Singsys -Awesome Gallery: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23742 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podamibe Nepal Podamibe Twilio Private Call allows Reflected XSS. This issue affects Podamibe Twilio Private Call: from n/a through 1.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23658 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tauhidul Alam Advanced Angular Contact Form allows Reflected XSS. This issue affects Advanced Angular Contact Form: from n/a through 1.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23657 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WordPress-to-candidate for Salesforce CRM allows Reflected XSS. This issue affects WordPress-to-candidate for Salesforce CRM: from n/a through 1.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23655 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Contact Form 7 – Paystack Add-on allows Reflected XSS. This issue affects Contact Form 7 – Paystack Add-on: from n/a through 1.2.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-23653 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Form To Online Booking allows Reflected XSS. This issue affects Form To Online Booking: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|