CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-22522 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roya Khosravi SingSong allows Stored XSS.This issue affects SingSong: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22520 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through 1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22519 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22518 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KentoThemes Justified Image Gallery allows Stored XSS.This issue affects Justified Image Gallery: from n/a through 1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22517 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Huson List Pages at Depth allows Stored XSS.This issue affects List Pages at Depth: from n/a through 1.5.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22516 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hitesh Patel Metadata SEO allows Stored XSS.This issue affects Metadata SEO: from n/a through 2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22515 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simon Chuang Show Google Analytics widget allows Stored XSS.This issue affects Show Google Analytics widget: from n/a through 1.5.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22512 |
Description: Missing Authorization vulnerability in Sprout Apps Help Scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through 6.5.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22511 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ella van Durpe Slides & Presentations allows Stored XSS.This issue affects Slides & Presentations: from n/a through 0.0.39.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
|
CVE-2025-22507 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Benjamin Santalucia ([email protected]) WPMU Prefill Post allows SQL Injection.This issue affects WPMU Prefill Post: from n/a through 1.02.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|