CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22536	WordPress WP Music Player Plugin <= 1.3 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hiren Patel WP Music Player allows SQL Injection.This issue affects WP Music Player: from n/a through 1.3. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22533	WordPress WOOEXIM Plugin <= 5.0.0 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WOOEXIM.COM WOOEXIM allows SQL Injection.This issue affects WOOEXIM: from n/a through 5.0.0. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22522	WordPress SingSong plugin <= 1.2 - CSRF to Stored XSS vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roya Khosravi SingSong allows Stored XSS.This issue affects SingSong: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22520	WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through 1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22519	WordPress eDoc Easy Tables Plugin <= 1.29 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29. CVSS: HIGH (8.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22507	WordPress WPMU Prefill Post Plugin <= 1.02 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Benjamin Santalucia ([email protected]) WPMU Prefill Post allows SQL Injection.This issue affects WPMU Prefill Post: from n/a through 1.02. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22502	WordPress MindValley Super PageMash Plugin <= 1.1 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mindvalley MindValley Super PageMash allows SQL Injection.This issue affects MindValley Super PageMash: from n/a through 1.1. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22364	WordPress Ach Invoice App plugin <= 1.0.1 - Local File Inclusion vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App allows PHP Local File Inclusion.This issue affects Ach Invoice App: from n/a through 1.0.1. CVSS: HIGH (7.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22359	WordPress SyncFields plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PJFC SyncFields allows Reflected XSS.This issue affects SyncFields: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22358	WordPress Wp advertising management plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcon Simone Wp advertising management allows Reflected XSS.This issue affects Wp advertising management: from n/a through 1.0.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)