CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31585 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in leadfox Leadfox for WordPress allows Cross Site Request Forgery. This issue affects Leadfox for WordPress: from n/a through 2.1.8.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31584 |
Description: Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31583 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Copy Media URL allows Stored XSS. This issue affects WP Copy Media URL: from n/a through 2.1.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31577 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify allows Upload a Web Shell to a Web Server. This issue affects Appointify: from n/a through 1.0.8.
CVSS: MEDIUM (6.6) EPSS Score: 0.05%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31576 |
Description: Missing Authorization vulnerability in Gagan Deep Singh PostmarkApp Email Integrator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PostmarkApp Email Integrator: from n/a through 2.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31575 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vasilis Triantafyllou Flag Icons allows Stored XSS. This issue affects Flag Icons: from n/a through 2.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31574 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Custom Content Scrollbar allows Stored XSS. This issue affects Custom Content Scrollbar: from n/a through 1.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31572 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in v20202020 Multi Days Events and Multi Events in One Day Calendar allows Cross Site Request Forgery. This issue affects Multi Days Events and Multi Events in One Day Calendar: from n/a through 1.1.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31570 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in wp-buy Related Posts Widget with Thumbnails allows Stored XSS. This issue affects Related Posts Widget with Thumbnails: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|
|
CVE-2025-31569 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in wp-buy wordpress related Posts with thumbnails allows Stored XSS. This issue affects wordpress related Posts with thumbnails: from n/a through 3.0.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 31st, 2025 (3 months ago)
|