CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-27335 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Free plug in by SEO Roma Auto Tag Links allows Cross Site Request Forgery. This issue affects Auto Tag Links: from n/a through 1.0.13.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27332 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in gmnazmul Smart Maintenance & Countdown allows Stored XSS. This issue affects Smart Maintenance & Countdown: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.02%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27331 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sébastien Dumont WooCommerce Display Products by Tags allows DOM-Based XSS. This issue affects WooCommerce Display Products by Tags: from n/a through 1.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27330 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PlayerJS PlayerJS allows DOM-Based XSS. This issue affects PlayerJS: from n/a through 2.23.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27329 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inlinkz EZ InLinkz linkup allows DOM-Based XSS. This issue affects EZ InLinkz linkup: from n/a through 0.18.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27328 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in queeez WP-PostRatings Cheater allows Cross Site Request Forgery. This issue affects WP-PostRatings Cheater: from n/a through 1.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27327 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Winlin Live Streaming Video Player – by SRS Player allows DOM-Based XSS. This issue affects Live Streaming Video Player – by SRS Player: from n/a through 1.0.18.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27325 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruce Video.js HLS Player allows DOM-Based XSS. This issue affects Video.js HLS Player: from n/a through 1.0.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27323 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jon Bishop WP About Author allows DOM-Based XSS. This issue affects WP About Author: from n/a through 1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-27321 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Blighty Blightly Explorer allows Stored XSS. This issue affects Blightly Explorer: from n/a through 2.3.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
February 24th, 2025 (4 months ago)
|