CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-25094 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amitythemes.com Breaking News Ticker allows Stored XSS. This issue affects Breaking News Ticker: from n/a through 2.4.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25093 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper allows Path Traversal. This issue affects Child Themes Helper: from n/a through 2.2.7.
CVSS: MEDIUM (6.1) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25091 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zackdesign NextGen Cooliris Gallery allows Stored XSS. This issue affects NextGen Cooliris Gallery: from n/a through 0.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25088 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in blackus3r WP Keyword Monitor allows Stored XSS. This issue affects WP Keyword Monitor: from n/a through 1.0.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25085 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matt_mcbrien WP SimpleWeather allows Stored XSS. This issue affects WP SimpleWeather: from n/a through 0.2.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25082 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Chirkov FlexIDX Home Search allows Stored XSS. This issue affects FlexIDX Home Search: from n/a through 2.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25081 |
Description: Missing Authorization vulnerability in DeannaS Embed RSS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Embed RSS: from n/a through 3.1.
CVSS: MEDIUM (4.2) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25080 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gubbigubbi Kona Gallery Block allows Stored XSS. This issue affects Kona Gallery Block: from n/a through 1.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25079 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Garrett Grimm Simple Select All Text Box allows Stored XSS. This issue affects Simple Select All Text Box: from n/a through 3.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2025-25078 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrew Norcross Google Earth Embed allows Stored XSS. This issue affects Google Earth Embed: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|