CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24709 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plethora Plugins Plethora Plugins Tabs + Accordions allows Stored XSS. This issue affects Plethora Plugins Tabs + Accordions: from n/a through 1.1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24706 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX WC Marketplace allows Stored XSS. This issue affects WC Marketplace: from n/a through 4.2.13.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24705 |
Description: Missing Authorization vulnerability in Arshid WooCommerce Quick View allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Quick View: from n/a through 1.1.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24704 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sebastian Zaha Magic the Gathering Card Tooltips allows Stored XSS. This issue affects Magic the Gathering Card Tooltips: from n/a through 3.4.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24703 |
Description: Server-Side Request Forgery (SSRF) vulnerability in DLX Plugins Comment Edit Core – Simple Comment Editing allows Server Side Request Forgery. This issue affects Comment Edit Core – Simple Comment Editing: from n/a through 3.0.33.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24702 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xagio Xagio SEO allows Stored XSS. This issue affects Xagio SEO: from n/a through 7.0.0.20.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24701 |
Description: Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chained Quiz allows Server Side Request Forgery. This issue affects Chained Quiz: from n/a through 1.3.2.9.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24698 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in G5Theme Essential Real Estate allows Cross Site Request Forgery. This issue affects Essential Real Estate: from n/a through 5.1.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24696 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Blocks allows Cross Site Request Forgery. This issue affects Attire Blocks: from n/a through 1.9.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24695 |
Description: Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server Side Request Forgery. This issue affects Extensions For CF7: from n/a through 3.2.0.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|