CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22363 |
Description: Missing Authorization vulnerability in ORION Allada T-shirt Designer for Woocommerce.This issue affects Allada T-shirt Designer for Woocommerce: from n/a through 1.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22362 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Powerfusion WPAchievements Free allows Stored XSS.This issue affects WPAchievements Free: from n/a through 1.2.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22359 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PJFC SyncFields allows Reflected XSS.This issue affects SyncFields: from n/a through 2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22358 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcon Simone Wp advertising management allows Reflected XSS.This issue affects Wp advertising management: from n/a through 1.0.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22357 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Plugins Target Notifications allows Reflected XSS.This issue affects Target Notifications: from n/a through 1.1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22355 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kiKx Kikx Simple Post Author Filter allows Reflected XSS.This issue affects Kikx Simple Post Author Filter: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22354 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Themes Digi Store allows DOM-Based XSS.This issue affects Digi Store: from n/a through 1.1.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22353 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Balcom-Vetillo Design, Inc. BVD Easy Gallery Manager allows Reflected XSS.This issue affects BVD Easy Gallery Manager: from n/a through 1.0.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22352 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through 1.4.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22351 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenguinArts Contact Form 7 Database – CFDB7 allows SQL Injection.This issue affects Contact Form 7 Database – CFDB7: from n/a through 1.0.0.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|