CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24661 |
Description: Deserialization of Untrusted Data vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Object Injection. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.1.8.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24660 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership Custom Messages allows Reflected XSS. This issue affects Simple Membership Custom Messages: from n/a through 2.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24656 |
WordPress Realtyna Provisioning Plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Provisioning allows Reflected XSS. This issue affects Realtyna Provisioning: from n/a through 1.2.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24646 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim Glazunov XML for Avito allows Reflected XSS. This issue affects XML for Avito: from n/a through 2.5.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24643 |
Description: Missing Authorization vulnerability in Amento Tech Pvt ltd WPGuppy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPGuppy: from n/a through 1.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24642 |
Description: Missing Authorization vulnerability in theme funda Setup Default Featured Image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Setup Default Featured Image: from n/a through 1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24639 |
Description: Insertion of Sensitive Information Into Sent Data vulnerability in GREYS Korea for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Korea for WooCommerce: from n/a through 1.1.11.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24631 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PhiloPress BP Email Assign Templates allows Reflected XSS. This issue affects BP Email Assign Templates: from n/a through 1.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24630 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MantraBrain Sikshya LMS allows Reflected XSS. This issue affects Sikshya LMS: from n/a through 0.0.21.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-24629 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPGear Import Excel to Gravity Forms allows Reflected XSS. This issue affects Import Excel to Gravity Forms: from n/a through 1.18.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|