CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26924 |
Description: Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ohio Extra allows Code Injection. This issue affects Ohio Extra: from n/a through 3.4.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26921 |
Description: Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager allows Object Injection. This issue affects Booking and Rental Manager: from n/a through 2.2.6.
CVSS: HIGH (8.8) EPSS Score: 0.06%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26899 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing Recapture for WooCommerce allows Cross Site Request Forgery. This issue affects Recapture for WooCommerce: from n/a through 1.0.43.
CVSS: MEDIUM (6.5) EPSS Score: 0.02%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26895 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maennchen1.de m1.DownloadList allows DOM-Based XSS. This issue affects m1.DownloadList: from n/a through 0.19.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26886 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Authors allows SQL Injection. This issue affects PublishPress Authors: from n/a through 4.7.3.
CVSS: HIGH (7.6) EPSS Score: 0.04%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26875 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce allows SQL Injection. This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through 1.3.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26556 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zzmaster WP AntiDDOS allows Reflected XSS. This issue affects WP AntiDDOS: from n/a through 2.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26555 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Debug-Bar-Extender allows Reflected XSS. This issue affects Debug-Bar-Extender: from n/a through 0.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26554 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Discord Post allows Reflected XSS. This issue affects WP Discord Post: from n/a through 2.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26553 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spring Devs Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin allows Reflected XSS. This issue affects Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin: from n/a through 2.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 15th, 2025 (3 months ago)
|