CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22803 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Advanced Product Information for WooCommerce allows Stored XSS.This issue affects Advanced Product Information for WooCommerce: from n/a through 1.1.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22802 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail allows Stored XSS.This issue affects Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail: from n/a through 2.1.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22801 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through 1.2.8.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22595 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja Mailing Group Listserv allows Reflected XSS.This issue affects Mailing Group Listserv: from n/a through 2.0.9.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22594 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hccoder – Sándor Fodor Better User Shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22561 |
Description: Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a through 9.0.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22542 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ofek Nakar Virtual Bot allows Blind SQL Injection.This issue affects Virtual Bot: from n/a through 1.0.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22540 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sebastian Orellana Emailing Subscription allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through 1.4.1.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22539 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ka2 Custom DataBase Tables allows Reflected XSS.This issue affects Custom DataBase Tables: from n/a through 2.1.34.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-22537 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in traveller11 Google Maps Travel Route allows SQL Injection.This issue affects Google Maps Travel Route: from n/a through 1.3.1.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|