CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23990	WordPress Scroll Styler plugin <= 1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler. This issue affects Scroll Styler: from n/a through 1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23989	WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi - SabLab Internal Link Builder allows Cross Site Request Forgery. This issue affects Internal Link Builder: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23980	WordPress Full Circle plugin <= 0.5.7.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle allows Stored XSS. This issue affects Full Circle: from n/a through 0.5.7.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23978	WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This issue affects FlashCounter: from n/a through 1.1.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23977	WordPress Post Carousel Slider plugin <= 2.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Post Carousel Slider allows Stored XSS. This issue affects Post Carousel Slider: from n/a through 2.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23976	WordPress Issuu Panel plugin <= 2.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Pedro Marcelo Issuu Panel allows Stored XSS. This issue affects Issuu Panel: from n/a through 2.1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23759	WordPress Affiliate Tools Việt Nam plugin <= 0.3.17 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leduchuy89vn Affiliate Tools Việt Nam allows Reflected XSS. This issue affects Affiliate Tools Việt Nam: from n/a through 0.3.17. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23671	WordPress WP OpenSearch plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fabio Savina WP OpenSearch allows Stored XSS. This issue affects WP OpenSearch: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-23596	WordPress Notifikácie.sk plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Notifikacie.sk Notifikácie.sk allows Reflected XSS. This issue affects Notifikácie.sk: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)
CVE-2025-22564	WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faaiq Pretty Url allows Reflected XSS. This issue affects Pretty Url: from n/a through 1.5.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (5 months ago)