CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22795 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thorsten Krug Multilang Contact Form allows Reflected XSS.This issue affects Multilang Contact Form: from n/a through 1.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22793 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bold Bold pagos en linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through 3.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22788 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner WooCommerce Builder for Elementor allows Stored XSS.This issue affects CoDesigner WooCommerce Builder for Elementor: from n/a through 4.7.17.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22787 |
Description: Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22786 |
Description: Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.6.
CVSS: HIGH (7.5) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22785 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ComMotion Course Booking System allows SQL Injection.This issue affects Course Booking System: from n/a through 6.0.5.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22784 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Johan Ström Background Control allows Path Traversal.This issue affects Background Control: from n/a through 1.0.5.
CVSS: HIGH (8.6) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22782 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through 1.0.8.
CVSS: CRITICAL (9.9) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22781 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Developer Nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through 0.1.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22780 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Yuzhakov wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through 1.17.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|