CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26914	WordPress Variable Inspector plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Variable Inspector allows Reflected XSS. This issue affects Variable Inspector: from n/a through 2.6.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26885	WordPress Assistant Plugin <= 1.5.1 - PHP Object Injection vulnerability Description: Deserialization of Untrusted Data vulnerability in Brent Jett Assistant allows Object Injection. This issue affects Assistant: from n/a through 1.5.1. CVSS: HIGH (7.2) EPSS Score: 0.06% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26879	WordPress s2Member Plugin <= 241216 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristián Lávaque s2Member Pro allows Reflected XSS. This issue affects s2Member Pro: from n/a through 241216. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26589	WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound IE CSS3 Support allows Reflected XSS. This issue affects IE CSS3 Support: from n/a through 2.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26588	WordPress TTT Crop Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound TTT Crop allows Reflected XSS. This issue affects TTT Crop: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26587	WordPress sidebarTabs Plugin <= 3.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound sidebarTabs allows Reflected XSS. This issue affects sidebarTabs: from n/a through 3.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26586	WordPress Events Planner Plugin <= 1.3.10 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Events Planner allows Reflected XSS. This issue affects Events Planner: from n/a through 1.3.10. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26585	WordPress DL Leadback Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DL Leadback allows Reflected XSS. This issue affects DL Leadback: from n/a through 1.2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26563	WordPress Rocket Mobile Plugin <= 0.4.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mobile allows Reflected XSS. This issue affects Mobile: from n/a through 1.3.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26557	WordPress ViperBar Plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ViperBar allows Reflected XSS. This issue affects ViperBar: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)