CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24700 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Reflected XSS. This issue affects WP Event Aggregator: from n/a through 1.8.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24699 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company WP Coder allows Cross-Site Scripting (XSS). This issue affects WP Coder: from n/a through 3.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24692 |
Description: Missing Authorization vulnerability in Michael Revellin-Clerc Bulk Menu Edit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bulk Menu Edit: from n/a through 1.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24688 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster allows Reflected XSS. This issue affects WP Mailster: from n/a through 1.8.20.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24641 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rickonline_nl Better WishList API allows Stored XSS. This issue affects Better WishList API: from n/a through 1.1.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24617 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter allows Reflected XSS. This issue affects AcyMailing SMTP Newsletter: from n/a through n/a.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24616 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UIUX Lab Uix Page Builder allows Reflected XSS. This issue affects Uix Page Builder: from n/a through 1.7.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24615 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps Analytics Cat allows Reflected XSS. This issue affects Analytics Cat: from n/a through 1.1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24614 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agileLogix Post Timeline allows Reflected XSS. This issue affects Post Timeline: from n/a through 2.3.9.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|
|
CVE-2025-24607 |
Description: Missing Authorization vulnerability in Northern Beaches Websites IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects IdeaPush: from n/a through 8.71.
CVSS: MEDIUM (5.8) EPSS Score: 0.04%
February 15th, 2025 (4 months ago)
|