CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-33542 |
Description: Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-13829 |
Description: The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.0.8 via the 'attachments.php' file. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via forms.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2025-24677 |
Description: Improper Control of Generation of Code ('Code Injection') vulnerability in WPSpins Post/Page Copying Tool allows Remote Code Inclusion. This issue affects Post/Page Copying Tool: from n/a through 2.0.3.
CVSS: CRITICAL (9.9) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-24648 |
Description: Incorrect Privilege Assignment vulnerability in wpase.com Admin and Site Enhancements (ASE) allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE): from n/a through 7.6.2.1.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-24602 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP24 WP24 Domain Check allows Reflected XSS. This issue affects WP24 Domain Check: from n/a through 1.10.14.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-24599 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS. This issue affects Newsletters: from n/a through 4.9.9.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-24598 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster allows Reflected XSS. This issue affects WP Mailster: from n/a through 1.8.17.0.
CVSS: HIGH (7.1) EPSS Score: 0.05%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-23645 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Optimize Worldwide Find Content IDs allows Reflected XSS. This issue affects Find Content IDs: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-22794 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Landoweb Programador World Cup Predictor allows Reflected XSS. This issue affects World Cup Predictor: from n/a through 1.9.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
CVE-2025-22730 |
Description: Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ksher: from n/a through 1.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|