CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22779 |
Description: Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through 1.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22778 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lijit Networks Inc. and Crowd Favorite Lijit Search allows Reflected XSS.This issue affects Lijit Search: from n/a through 1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22776 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jay Carter WP Bulletin Board allows Reflected XSS.This issue affects WP Bulletin Board: from n/a through 1.1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22773 |
Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WPChill Htaccess File Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Htaccess File Editor: from n/a through 1.0.19.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22769 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox allows Stored XSS.This issue affects Multifox: from n/a through 1.3.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22766 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Masoud Amini Zarinpal Paid Download allows Reflected XSS.This issue affects Zarinpal Paid Download: from n/a through 2.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22765 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uri Weil WP Order By allows Reflected XSS.This issue affects WP Order By: from n/a through 1.4.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22764 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpwebs Team - VA Jariwala WP Post Corrector allows Reflected XSS.This issue affects WP Post Corrector: from n/a through 1.0.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22762 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Octrace Studio WordPress HelpDesk & Support Ticket System Plugin – Octrace Support allows Stored XSS.This issue affects WordPress HelpDesk & Support Ticket System Plugin – Octrace Support: from n/a through 1.2.7.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2025-22761 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer Ajax Contact Form allows Stored XSS.This issue affects Ajax Contact Form: from n/a through 1.2.5.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|