CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26732 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BurgerThemes StoreBiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through 1.0.32.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-26731 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARPrice allows Stored XSS.This issue affects ARPrice: from n/a through 4.1.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-25100 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba allows Reflected XSS.This issue affects Cazamba: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-25086 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Secret Meta allows Reflected XSS.This issue affects Secret Meta: from n/a through 1.2.1.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-22816 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeTrendy Power Mag allows DOM-Based XSS.This issue affects Power Mag: from n/a through 1.1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-22770 |
Description: Missing Authorization vulnerability in EnvoThemes Envo Multipurpose allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Multipurpose: from n/a through 1.1.6.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-22673 |
Description: Missing Authorization vulnerability in WPFactory EAN for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through 5.3.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-22672 |
Description: Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member allows Server Side Request Forgery.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through 1.1.2.
CVSS: MEDIUM (4.9) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-22671 |
WordPress Disable Elementor Editor Translation plugin <= 1.0.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through 1.0.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-22670 |
Description: Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.7.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
March 27th, 2025 (3 months ago)
|