CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-52794	WordPress Creative Contact Form plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form allows Stored XSS. This issue affects Creative Contact Form: from n/a through 1.0.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52793	WordPress Esselink.nu Settings plugin <= 2.94 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Esselink.nu Esselink.nu Settings allows Reflected XSS. This issue affects Esselink.nu Settings: from n/a through 2.94. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52792	WordPress WP User Stylesheet Switcher plugin <= v2.2.0 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in vgstef WP User Stylesheet Switcher allows Stored XSS. This issue affects WP User Stylesheet Switcher: from n/a through v2.2.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52791	WordPress Knowledge Base – Knowledge Base Maker plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in devfelixmoira Knowledge Base – Knowledge Base Maker allows Stored XSS. This issue affects Knowledge Base – Knowledge Base Maker: from n/a through 1.1.8. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52790	WordPress WP-DownloadCounter plugin <= 1.01 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in r-win WP-DownloadCounter allows Stored XSS. This issue affects WP-DownloadCounter: from n/a through 1.01. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52789	WordPress Lewe ChordPress plugin <= 3.9.7 - Cross Site Request Forgery (CSRF) to Stored XSS Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in George Lewe Lewe ChordPress allows Stored XSS. This issue affects Lewe ChordPress: from n/a through 3.9.7. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52784	WordPress Bluff Post plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in hideoguchi Bluff Post allows Stored XSS. This issue affects Bluff Post: from n/a through 1.1.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52783	WordPress Change Cart button Colors WooCommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in themelocation Change Cart button Colors WooCommerce allows Stored XSS. This issue affects Change Cart button Colors WooCommerce: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52782	WordPress Scroll UP plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in King Rayhan Scroll UP allows Reflected XSS. This issue affects Scroll UP: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE June 20th, 2025 (7 days ago)
CVE-2025-52781	WordPress TinyNav plugin <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Beee TinyNav allows Stored XSS. This issue affects TinyNav: from n/a through 1.4. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 20th, 2025 (7 days ago)