CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23445	WordPress Easy Tynt plugin <= 0.2.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott Swezey Easy Tynt allows Cross Site Request Forgery.This issue affects Easy Tynt: from n/a through 0.2.5.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23442	WordPress Shockingly Big IE6 Warning plugin <= 1.6.3 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in matias s Shockingly Big IE6 Warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through 1.6.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23438	WordPress WP PT-Viewer plugin <= 2.0.2 - Reflected XSS vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarvinLabs WP PT-Viewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through 2.0.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23436	WordPress Wp-Scribd-List plugin <= 1.2 - CSRF to XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Capa Wp-Scribd-List allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23435	WordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in David Marcucci Password Protect Plugin for WordPress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through 0.8.1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23432	WordPress AlT Report plugin <= 1.12.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlTi5 AlT Report allows Reflected XSS.This issue affects AlT Report: from n/a through 1.12.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23430	WordPress Mass Custom Fields Manager plugin <= 1.5 - CSRF to Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Oren Yomtov Mass Custom Fields Manager allows Reflected XSS.This issue affects Mass Custom Fields Manager: from n/a through 1.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23429	WordPress Altima Lookbook Free for WooCommerce plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in altimawebsystems.com Altima Lookbook Free for WooCommerce allows Reflected XSS.This issue affects Altima Lookbook Free for WooCommerce: from n/a through 1.1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23426	WordPress go Social plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Wizcrew Technologies go Social allows Stored XSS.This issue affects go Social: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23424	WordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Brian Novotny – Creative Software Design Solutions Marquee Style RSS News Ticker allows Cross Site Request Forgery.This issue affects Marquee Style RSS News Ticker: from n/a through 3.2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)