CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-32659	WordPress FraudLabs Pro for WooCommerce plugin <= 2.22.7 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in fraudlabspro FraudLabs Pro for WooCommerce allows Stored XSS. This issue affects FraudLabs Pro for WooCommerce: from n/a through 2.22.7. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32645	WordPress Custom Posts Order Plugin <= 4.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Hiren Patel Custom Posts Order allows Stored XSS. This issue affects Custom Posts Order: from n/a through 4.4. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32644	WordPress IP2Location World Clock Plugin <= 1.1.9 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in ip2location IP2Location World Clock allows Stored XSS. This issue affects IP2Location World Clock: from n/a through 1.1.9. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32624	WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Missing Authorization vulnerability in czater Czater.pl – live chat i telefon allows Cross Site Request Forgery. This issue affects Czater.pl – live chat i telefon: from n/a through 1.0.5. CVSS: HIGH (7.1) EPSS Score: 0.03% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32623	WordPress PlainInventory plugin <= 3.1.9 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in plainware PlainInventory allows Stored XSS. This issue affects PlainInventory: from n/a through 3.1.9. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32621	WordPress WP Map Route Planner plugin <= 1.0.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital WP Map Route Planner allows Cross Site Request Forgery. This issue affects WP Map Route Planner: from n/a through 1.0.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32619	WordPress KeyCAPTCHA plugin <= 2.5.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in KeyCAPTCHA KeyCAPTCHA allows Stored XSS. This issue affects KeyCAPTCHA: from n/a through 2.5.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32617	WordPress Multiple Location Google Map plugin <= 1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Ydesignservices Multiple Location Google Map allows Stored XSS. This issue affects Multiple Location Google Map: from n/a through 1.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32616	WordPress Nimbata Call Tracking plugin <= 1.7.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in nimbata Nimbata Call Tracking allows Stored XSS. This issue affects Nimbata Call Tracking: from n/a through 1.7.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)
CVE-2025-32612	WordPress User Session Synchronizer plugin <= 1.4.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in rafasashi User Session Synchronizer allows Stored XSS. This issue affects User Session Synchronizer: from n/a through 1.4.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE April 9th, 2025 (3 months ago)