CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26547 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through 2.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-26545 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in shisuh Related Posts Line-up-Exactly by Milliard allows Stored XSS. This issue affects Related Posts Line-up-Exactly by Milliard: from n/a through 0.0.22.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-26543 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Pukhraj Suthar Simple Responsive Menu allows Stored XSS. This issue affects Simple Responsive Menu: from n/a through 2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-26539 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in petkivim Embed Google Map allows Stored XSS. This issue affects Embed Google Map: from n/a through 3.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-26538 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan Rossiter Prezi Embedder allows Stored XSS. This issue affects Prezi Embedder: from n/a through 2.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-26511 |
Description: Systems running the Instaclustr
fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0
through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0, installed into
Apache Cassandra version 4.x, are susceptible to a vulnerability which
when successfully exploited could allow authenticated Cassandra users to
remotely bypass RBAC and escalate their privileges.
CVSS: HIGH (8.8) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-26473 |
Description: The Mojave Inverter uses the GET method for sensitive information.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-25901 |
Description: A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-25900 |
Description: A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-25899 |
Description: A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|