CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-28888
WordPress GiftXtore <= 1.7.4 - Local File Inclusion Vulnerability
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme GiftXtore allows PHP Local File Inclusion. This issue affects GiftXtore: from n/a through 1.7.4.

CVSS: HIGH (8.1)

EPSS Score: 0.15%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2025-27362
WordPress Petito <= 1.6.2 - Local File Inclusion Vulnerability
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Petito allows PHP Local File Inclusion. This issue affects Petito: from n/a through 1.6.2.

CVSS: HIGH (8.1)

EPSS Score: 0.15%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2025-26592
WordPress Inset <= 1.18.0 - Local File Inclusion Vulnerability
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset allows PHP Local File Inclusion. This issue affects Inset: from n/a through 1.18.0.

CVSS: HIGH (8.1)

EPSS Score: 0.15%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2025-24770
WordPress CraftXtore <= 1.7 - Local File Inclusion Vulnerability
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme CraftXtore allows PHP Local File Inclusion. This issue affects CraftXtore: from n/a through 1.7.

CVSS: HIGH (8.1)

EPSS Score: 0.15%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2025-24768
WordPress Nitan <= 2.9 - Local File Inclusion Vulnerability
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan allows PHP Local File Inclusion. This issue affects Nitan: from n/a through 2.9.

CVSS: HIGH (8.1)

EPSS Score: 0.15%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2025-24767
WordPress TicketBAI Facturas para WooCommerce <= 3.19 - SQL Injection Vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Blind SQL Injection. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2025-23974
WordPress One-Login <= 1.4 - Privilege Escalation Vulnerability
Description: Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4.

CVSS: HIGH (8.1)

EPSS Score: 0.05%

Source: CVE
June 9th, 2025 (15 days ago)

CVE-2024-31585
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability...
Description: FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVSS: MEDIUM (5.3)

EPSS Score: 0.03%

SSVC Exploitation: none

Source: CVE
June 9th, 2025 (15 days ago)
Sensata Technologies says personal data stolen by ransomware gang
Description: Sensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack. [...]
Source: BleepingComputer
June 9th, 2025 (15 days ago)
Alleged data breach of IMS Consultores
Description: Alleged data breach of IMS Consultores
Source: DarkWebInformer
June 9th, 2025 (15 days ago)