CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26589	WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound IE CSS3 Support allows Reflected XSS. This issue affects IE CSS3 Support: from n/a through 2.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26588	WordPress TTT Crop Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound TTT Crop allows Reflected XSS. This issue affects TTT Crop: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26587	WordPress sidebarTabs Plugin <= 3.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound sidebarTabs allows Reflected XSS. This issue affects sidebarTabs: from n/a through 3.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26586	WordPress Events Planner Plugin <= 1.3.10 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Events Planner allows Reflected XSS. This issue affects Events Planner: from n/a through 1.3.10. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26585	WordPress DL Leadback Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DL Leadback allows Reflected XSS. This issue affects DL Leadback: from n/a through 1.2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26563	WordPress Rocket Mobile Plugin <= 0.4.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mobile allows Reflected XSS. This issue affects Mobile: from n/a through 1.3.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26557	WordPress ViperBar Plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ViperBar allows Reflected XSS. This issue affects ViperBar: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26540	WordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerability Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7. CVSS: HIGH (7.7) EPSS Score: 0.05% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-26534	WordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerability Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7. CVSS: HIGH (8.6) EPSS Score: 0.07% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-25170	WordPress Migrate Posts Plugin <=1.0 - Post Based Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Migrate Posts allows Reflected XSS. This issue affects Migrate Posts: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)