CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-23794 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rccoder wp_amaps allows Stored XSS.This issue affects wp_amaps: from n/a through 1.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23793 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Turcu Ciprian Auto FTP allows Stored XSS. This issue affects Auto FTP: from n/a through 1.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23791 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RocaPress Horizontal Line Shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23785 |
Description: Missing Authorization vulnerability in August Infotech AI Responsive Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Responsive Gallery Album: from n/a through 1.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23783 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek Namedays Widget From Eortologio.Net: from n/a through 20191113.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23780 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AlphaBPO Easy Code Snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a through 1.0.2.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23779 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in web-mv.de ResAds allows SQL Injection.This issue affects ResAds: from n/a through 2.0.5.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23778 |
Description: Missing Authorization vulnerability in Pravin Durugkar User Sync ActiveCampaign allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Sync ActiveCampaign: from n/a through 1.3.2.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23777 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Willows Consulting Ltd. GDPR Personal Data Reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through 1.0.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|
|
CVE-2025-23776 |
Description: Missing Authorization vulnerability in Thorn Technologies LLC Cache Sniper for Nginx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cache Sniper for Nginx: from n/a through 1.0.4.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 17th, 2025 (5 months ago)
|