CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-31613	WordPress AB Google Map Travel plugin <= 4.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from n/a through 4.6. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31585	WordPress Leadfox for WordPress plugin <= 2.1.8 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in leadfox Leadfox for WordPress allows Cross Site Request Forgery. This issue affects Leadfox for WordPress: from n/a through 2.1.8. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31583	WordPress WP Copy Media URL plugin <= 2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Copy Media URL allows Stored XSS. This issue affects WP Copy Media URL: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31570	WordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in wp-buy Related Posts Widget with Thumbnails allows Stored XSS. This issue affects Related Posts Widget with Thumbnails: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31569	WordPress wordpress related Posts with thumbnails plugin <= 3.0.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in wp-buy wordpress related Posts with thumbnails allows Stored XSS. This issue affects wordpress related Posts with thumbnails: from n/a through 3.0.0.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31566	WordPress Rio Video Gallery plugin <= 2.3.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in riosisgroup Rio Video Gallery allows Stored XSS. This issue affects Rio Video Gallery: from n/a through 2.3.6. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31547	WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aphotrax Uptime Robot Plugin for WordPress allows SQL Injection. This issue affects Uptime Robot Plugin for WordPress: from n/a through 2.3. CVSS: HIGH (8.5) EPSS Score: 0.03% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31542	WordPress My auctions allegro plugin <= 3.6.20 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wphocus My auctions allegro allows Blind SQL Injection. This issue affects My auctions allegro: from n/a through 3.6.20. CVSS: HIGH (8.5) EPSS Score: 0.03% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-31526	WordPress Behance Portfolio Manager plugin <= 1.7.4 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eleopard Behance Portfolio Manager allows SQL Injection. This issue affects Behance Portfolio Manager: from n/a through 1.7.4. CVSS: HIGH (8.5) EPSS Score: 0.03% Source: CVE March 31st, 2025 (3 months ago)
CVE-2025-3021	Multiple vulnerabilities in e-management of e-solutions Description: Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint. CVSS: HIGH (8.7) EPSS Score: 0.06% Source: CVE March 31st, 2025 (3 months ago)