CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-24778	WordPress No Spam At All <= 1.3 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in De paragon No Spam At All allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects No Spam At All: from n/a through 1.3. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (25 days ago)
CVE-2025-24776	WordPress Responsive Flipbooks <= 1.0 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in codelobster Responsive Flipbooks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Responsive Flipbooks: from n/a through 1.0. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (25 days ago)
CVE-2025-24772	WordPress Pay with Contact Form 7 <= 1.0.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in cmsMinds Pay with Contact Form 7 allows Cross Site Request Forgery. This issue affects Pay with Contact Form 7: from n/a through 1.0.4. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE June 6th, 2025 (25 days ago)
CVE-2025-24763	WordPress bbPress API <= 1.0.14 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in Pascal Casier bbPress API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects bbPress API: from n/a through 1.0.14. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (25 days ago)
CVE-2025-24762	WordPress TicketBAI Facturas para WooCommerce <= 3.19 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (25 days ago)
CVE-2025-23971	WordPress KI Live Video Conferences <= 5.5.15 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in whassan KI Live Video Conferences allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects KI Live Video Conferences: from n/a through 5.5.15. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (25 days ago)
CVE-2025-23969	WordPress KI Live Video Conferences <= 5.5.15 - Sensitive Data Exposure Vulnerability Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences allows Retrieve Embedded Sensitive Data. This issue affects KI Live Video Conferences: from n/a through 5.5.15. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (25 days ago)
	Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring Source: TheRegister June 6th, 2025 (25 days ago)
	MSFT-CrowdStrike 'Rosetta Stone' for Naming APTs: Meh? Description: Microsoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we've been here before. Source: Dark Reading June 6th, 2025 (25 days ago)
	Kettering Health confirms attack by Interlock ransomware group as health record system is restored Description: The Ohio-based Kettering Health system said a recent cyberattack was by the Interlock ransomware gang, which had claimed to steal troves of data from the organization. Source: The Record June 6th, 2025 (25 days ago)