CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-49315 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PersianScript Persian Woocommerce SMS allows SQL Injection. This issue affects Persian Woocommerce SMS: from n/a through 7.0.10.
CVSS: HIGH (7.6) EPSS Score: 0.04%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49314 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ovatheme BRW allows Stored XSS. This issue affects BRW: from n/a through 1.8.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49313 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW allows PHP Local File Inclusion. This issue affects BRW: from n/a through 1.8.6.
CVSS: HIGH (7.5) EPSS Score: 0.13%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49311 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoolHappy The Events Calendar Countdown Addon allows Stored XSS. This issue affects The Events Calendar Countdown Addon: from n/a through 1.4.9.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49310 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M A Vinoth Kumar Frontend Dashboard allows Stored XSS. This issue affects Frontend Dashboard: from n/a through 2.2.8.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49309 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Team Member allows Stored XSS. This issue affects HT Team Member: from n/a through 1.1.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49308 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.5.1.
CVSS: HIGH (7.5) EPSS Score: 0.13%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49307 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magazine3 WP Multilang allows PHP Local File Inclusion. This issue affects WP Multilang: from n/a through 2.4.19.
CVSS: HIGH (7.5) EPSS Score: 0.13%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49306 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 6th, 2025 (23 days ago)
|
|
CVE-2025-49305 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode Product Catalog Simple allows Stored XSS. This issue affects Product Catalog Simple: from n/a through 1.8.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 6th, 2025 (23 days ago)
|