CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-23922 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0.
CVSS: CRITICAL (10.0) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23919 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Ella van Durpe Slides & Presentations allows Code Injection.This issue affects Slides & Presentations: from n/a through 0.0.39.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23917 |
WordPress Chamber Dashboard Business Directory Plugin <= 3.3.8 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Chandrika Guntur, Morgan Kay Chamber Dashboard Business Directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chamber Dashboard Business Directory: from n/a through 3.3.8.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23916 |
Description: Missing Authorization vulnerability in Nuanced Media WP Meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meetup: from n/a through 2.3.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23915 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through 1.1.
CVSS: HIGH (7.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23913 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pankajpragma, rahulpragma WordPress Google Map Professional allows SQL Injection.This issue affects WordPress Google Map Professional: from n/a through 1.0.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23912 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typomedia Foundation WordPress Custom Sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through 2.3.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23911 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solidres Team Solidres – Hotel booking plugin allows SQL Injection.This issue affects Solidres – Hotel booking plugin: from n/a through 0.9.4.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23909 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Compare Ninja allows Stored XSS.This issue affects Compare Ninja: from n/a through 2.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23908 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rami Yushuvaev Pastebin allows Stored XSS.This issue affects Pastebin: from n/a through 1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|