CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-28900	WordPress TabGarb Pro plugin <= 2.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in webgarb TabGarb Pro allows Stored XSS. This issue affects TabGarb Pro: from n/a through 2.6. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28897	WordPress Domain Theme plugin <= 1.3 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Steveorevo Domain Theme allows Stored XSS. This issue affects Domain Theme: from n/a through 1.3. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28895	WordPress Custom top bar plugin <= 2.0.2 - CSRF to Stored XSS vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sumanbiswas013 Custom top bar allows Stored XSS. This issue affects Custom top bar: from n/a through 2.0.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28894	WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category plugin for WordPress allows Stored XSS. This issue affects List of Posts from each Category plugin for WordPress: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28892	WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in a2rocklobster FTP Sync allows Stored XSS. This issue affects FTP Sync: from n/a through 1.1.6. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28891	WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jazzigor price-calc allows Stored XSS. This issue affects price-calc: from n/a through 0.6.3. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28883	WordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare Tables allows Stored XSS. This issue affects WP Compare Tables: from n/a through 1.0.5. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28861	WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in bhzad WP jQuery Persian Datepicker allows Stored XSS. This issue affects WP jQuery Persian Datepicker: from n/a through 0.1.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28860	WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google News Editors Picks Feed Generator allows Stored XSS. This issue affects Google News Editors Picks Feed Generator: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28857	WordPress Rankchecker.io Integration plugin <= 1.0.9 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in rankchecker Rankchecker.io Integration allows Stored XSS. This issue affects Rankchecker.io Integration: from n/a through 1.0.9. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)