CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22733 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPHocus My auctions allegro allows Reflected XSS. This issue affects My auctions allegro: from n/a through 3.6.18.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22732 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Admiral Ad Blocking Detector allows Stored XSS. This issue affects Ad Blocking Detector: from n/a through 3.6.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22727 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS. This issue affects MailChimp Subscribe Forms : from n/a through 4.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22723 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager allows Upload a Web Shell to a Web Server. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.6.7.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22722 |
Description: Missing Authorization vulnerability in Widget Options Team Widget Options allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Widget Options: from n/a through 4.0.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22721 |
Description: Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.6.7.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22719 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E4J s.r.l. VikAppointments Services Booking Calendar allows Stored XSS. This issue affects VikAppointments Services Booking Calendar: from n/a through 1.2.16.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22718 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roninwp FAT Event Lite allows Stored XSS. This issue affects FAT Event Lite: from n/a through 1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22717 |
Description: Missing Authorization vulnerability in Joe Dolson My Tickets allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects My Tickets: from n/a through 2.0.9.
CVSS: HIGH (7.5) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2025-22716 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Taskbuilder Team Taskbuilder allows SQL Injection. This issue affects Taskbuilder: from n/a through 3.0.6.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|