CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-24747

Description: Missing Authorization vulnerability in Houzez.co Houzez. This issue affects Houzez: from n/a through 3.4.0.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24744

Description: Missing Authorization vulnerability in NotFound Bridge Core. This issue affects Bridge Core: from n/a through 3.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24743

Description: Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor. This issue affects RomethemeKit For Elementor: from n/a through 1.5.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24742

Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps. This issue affects WP Go Maps: from n/a through 9.0.40.

CVSS: MEDIUM (4.3)

EPSS Score: 0.06%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24741

Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KB Support KB Support. This issue affects KB Support: from n/a through 1.6.7.

CVSS: MEDIUM (4.7)

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24740

Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through 4.2.7.1.

CVSS: MEDIUM (4.7)

EPSS Score: 0.06%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24734

Description: Missing Authorization vulnerability in CodeSolz Better Find and Replace allows Privilege Escalation. This issue affects Better Find and Replace: from n/a through 1.6.7.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24708

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Reflected XSS. This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.6.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24689

Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in codection Import and export users and customers allows Retrieve Embedded Sensitive Data. This issue affects Import and export users and customers: from n/a through 1.27.12.

CVSS: MEDIUM (5.9)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2025-24685

Description: Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This issue affects Morkva UA Shipping: from n/a through 1.0.18.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)