CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-23955 |
Description: Missing Authorization vulnerability in xola.com Xola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through 1.6.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23954 |
Description: Missing Authorization vulnerability in AWcode & KingfisherFox Salvador – AI Image Generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salvador – AI Image Generator: from n/a through 1.0.11.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23951 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DivEngine Gallery: Hybrid – Advanced Visual Gallery allows Stored XSS.This issue affects Gallery: Hybrid – Advanced Visual Gallery: from n/a through 1.4.0.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23950 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Said Shiripour EZPlayer allows Stored XSS.This issue affects EZPlayer: from n/a through 1.0.10.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23947 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M.J WP-Player allows Stored XSS.This issue affects WP-Player: from n/a through 2.6.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23946 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in le Pixel Solitaire Enhanced YouTube Shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through 2.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23943 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arul PDF.js Shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23941 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meinturnierplan.de Team MeinTurnierplan.de Widget Viewer allows Stored XSS.This issue affects MeinTurnierplan.de Widget Viewer: from n/a through 1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23940 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiem Khan Image Switcher allows Stored XSS.This issue affects Image Switcher: from n/a through 0.1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23939 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiem Khan Image Switcher allows Stored XSS.This issue affects Image Switcher: from n/a through 1.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|