CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23428	WordPress QMean plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound QMean – WordPress Did You Mean allows Reflected XSS. This issue affects QMean – WordPress Did You Mean: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 15th, 2025 (4 months ago)
CVE-2025-22705	WordPress Disqus Popular Posts plugin <= 2.1.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in godthor Disqus Popular Posts allows Reflected XSS. This issue affects Disqus Popular Posts: from n/a through 2.1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 15th, 2025 (4 months ago)
CVE-2024-52500	WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in monetagwp Monetag Official Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Monetag Official Plugin: from n/a through 1.1.3. CVSS: HIGH (7.2) EPSS Score: 0.04% Source: CVE February 15th, 2025 (4 months ago)
CVE-2025-26582	WordPress TinyMCE Advanced qTranslate fix editor problems plugin <= 1.0.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Blackbam TinyMCE Advanced qTranslate fix editor problems allows Stored XSS. This issue affects TinyMCE Advanced qTranslate fix editor problems: from n/a through 1.0.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26580	WordPress Page/Post Specific Social Share Buttons plugin <= 2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in CompleteWebResources Page/Post Specific Social Share Buttons allows Stored XSS. This issue affects Page/Post Specific Social Share Buttons: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26578	WordPress Simple Documentation plugin <= 1.2.8 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in mathieuhays Simple Documentation allows Stored XSS. This issue affects Simple Documentation: from n/a through 1.2.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26577	WordPress DX-auto-publish plugin <= 1.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in daxiawp DX-auto-publish allows Stored XSS. This issue affects DX-auto-publish: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26572	WordPress WP PHPList Plugin <= 1.7 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jesseheap WP PHPList allows Cross Site Request Forgery. This issue affects WP PHPList: from n/a through 1.7. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26571	WordPress Wibiya Toolbar plugin <= 2.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in wibiya Wibiya Toolbar allows Cross Site Request Forgery. This issue affects Wibiya Toolbar: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26570	WordPress Glance That plugin <= 4.9 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That allows Cross Site Request Forgery. This issue affects Glance That: from n/a through 4.9. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)