CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-31923 |
Description: Missing Authorization vulnerability in QuanticaLabs CSS3 Accordions for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Accordions for WordPress: from n/a through 3.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31922 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in QuanticaLabs CSS3 Accordions for WordPress allows Stored XSS. This issue affects CSS3 Accordions for WordPress: from n/a through 3.0.
CVSS: HIGH (7.1) EPSS Score: 0.02%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31921 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Ultimate Tours Builder allows Cross Site Request Forgery. This issue affects WP Ultimate Tours Builder: from n/a through 1.055.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31915 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder allows Cross Site Request Forgery. This issue affects Pixel WordPress Form BuilderPlugin & Autoresponder: from n/a through 1.0.2.
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31641 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup UberSlider allows SQL Injection. This issue affects UberSlider: from n/a through 2.3.
CVSS: HIGH (8.5) EPSS Score: 0.03%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31640 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress allows SQL Injection. This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through 1.4.
CVSS: HIGH (8.5) EPSS Score: 0.03%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31639 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request Forgery. This issue affects Spare: from n/a through 1.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31637 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup SHOUT allows SQL Injection. This issue affects SHOUT: from n/a through 3.5.3.
CVSS: HIGH (8.5) EPSS Score: 0.03%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31630 |
Description: Missing Authorization vulnerability in themeton The Business allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Business: from n/a through 1.6.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 16th, 2025 (28 days ago)
|
|
CVE-2025-31071 |
Description: Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
May 16th, 2025 (28 days ago)
|