CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30883 |
Description: Missing Authorization vulnerability in richplugins Trust.Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trust.Reviews: from n/a through 2.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30881 |
Description: Missing Authorization vulnerability in ThemeHunk Big Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Big Store: from n/a through 2.0.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30879 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in moreconvert MC Woocommerce Wishlist allows SQL Injection. This issue affects MC Woocommerce Wishlist: from n/a through 1.8.9.
CVSS: HIGH (7.6) EPSS Score: 0.04%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30877 |
Description: Missing Authorization vulnerability in fatcatapps Quiz Cat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quiz Cat: from n/a through 3.0.8.
CVSS: LOW (2.7) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30874 |
Description: Missing Authorization vulnerability in Jose Specific Content For Mobile allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specific Content For Mobile: from n/a through 0.5.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30873 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift allows Stored XSS. This issue affects Greenshift: from n/a through 11.0.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30872 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce allows Cross Site Request Forgery. This issue affects Product Author for WooCommerce: from n/a through 1.0.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30871 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5.
CVSS: HIGH (7.5) EPSS Score: 0.13%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30868 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DynamicWebLab Team Manager allows PHP Local File Inclusion. This issue affects Team Manager: from n/a through 2.1.23.
CVSS: HIGH (7.5) EPSS Score: 0.12%
March 27th, 2025 (3 months ago)
|
|
CVE-2025-30867 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SearchIQ SearchIQ allows Stored XSS. This issue affects SearchIQ: from n/a through 4.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|