CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24662 |
Description: Missing Authorization vulnerability in NotFound LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LearnDash LMS: from n/a through 4.20.0.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24653 |
Description: Missing Authorization vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through 7.6.1.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24628 |
Description: Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity Spoofing. This issue affects Google Captcha: from n/a through 1.78.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24626 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodePeople Music Store allows Reflected XSS. This issue affects Music Store: from n/a through 1.1.19.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24612 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MORKVA Shipping for Nova Poshta allows SQL Injection. This issue affects Shipping for Nova Poshta: from n/a through 1.19.6.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24606 |
Description: Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.1.
CVSS: MEDIUM (6.4) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24603 |
Description: Missing Authorization vulnerability in UkrSolution Print Barcode Labels for your WooCommerce products/orders. This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through 3.4.10.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24601 |
Description: Deserialization of Untrusted Data vulnerability in ThimPress FundPress allows Object Injection. This issue affects FundPress: from n/a through 2.0.6.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24600 |
Description: Missing Authorization vulnerability in David F. Carr RSVPMarker . This issue affects RSVPMarker : from n/a through 11.4.5.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2025-24593 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WisdmLabs Edwiser Bridge allows Reflected XSS. This issue affects Edwiser Bridge: from n/a through 3.0.8.
CVSS: HIGH (7.1) EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|