CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23491	WordPress VSTEMPLATE Creator plugin <= 2.0.2 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vikashsrivastava1111989 VSTEMPLATE Creator allows Reflected XSS. This issue affects VSTEMPLATE Creator: from n/a through 2.0.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22775	WordPress Catalog Importer, Scraper & Crawler Plugin <= 5.1.3 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in idIA Tech Catalog Importer, Scraper & Crawler allows Reflected XSS. This issue affects Catalog Importer, Scraper & Crawler: from n/a through 5.1.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22703	WordPress Forge – Front-End Page Builder plugin <= 1.4.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in manuelvicedo Forge – Front-End Page Builder allows Stored XSS. This issue affects Forge – Front-End Page Builder: from n/a through 1.4.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22693	WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery Contest Gallery allows SQL Injection. This issue affects Contest Gallery: from n/a through 25.1.0. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22691	WordPress WP Travel plugin <= 10.1.0 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel allows SQL Injection. This issue affects WP Travel: from n/a through 10.1.0. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22690	WordPress DigiTimber cPanel Integration plugin <= 1.4.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in DigiTimber DigiTimber cPanel Integration allows Stored XSS. This issue affects DigiTimber cPanel Integration: from n/a through 1.4.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22688	WordPress Unlimited Page Sidebars plugin <= 0.2.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Ederson Peka Unlimited Page Sidebars allows Stored XSS. This issue affects Unlimited Page Sidebars: from n/a through 0.2.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22685	WordPress Tags to Keywords plugin <= 1.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in CheGevara Tags to Keywords allows Stored XSS. This issue affects Tags to Keywords: from n/a through 1.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22684	WordPress WP BASE Booking plugin <= 5.0.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hakan Ozevin WP BASE Booking allows Stored XSS. This issue affects WP BASE Booking: from n/a through 5.0.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2025-22682	WordPress Hesabfa Accounting Plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hesabfa Hesabfa Accounting allows Reflected XSS. This issue affects Hesabfa Accounting: from n/a through 2.1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)