CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26562	WordPress RSS FIlter Plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Patnaik RSS Filter allows Stored XSS. This issue affects RSS Filter: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26552	WordPress Naver Syndication V2 plugin <= 0.8.3 - CSRF to Stored Cross-Site Scripting vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in badrHan Naver Syndication V2 allows Stored XSS. This issue affects Naver Syndication V2: from n/a through 0.8.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26551	WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Bootstrap collapse allows Stored XSS. This issue affects Bootstrap collapse: from n/a through 1.0.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26550	WordPress Global Meta Keyword & Description plugin <= 2.3 - CSRF to Cross-Site Scripting vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Kunal Shivale Global Meta Keyword & Description allows Stored XSS. This issue affects Global Meta Keyword & Description: from n/a through 2.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26549	WordPress WP Html Page Sitemap plugin <= 2.2 - CSRF to Stored Cross-Site Scripting Description: Cross-Site Request Forgery (CSRF) vulnerability in pa1 WP Html Page Sitemap allows Stored XSS. This issue affects WP Html Page Sitemap: from n/a through 2.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26547	WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through 2.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26545	WordPress Related Posts Line-up-Exactly by Milliard plugin <= 0.0.22 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in shisuh Related Posts Line-up-Exactly by Milliard allows Stored XSS. This issue affects Related Posts Line-up-Exactly by Milliard: from n/a through 0.0.22. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26543	WordPress Simple Responsive Menu plugin <= 2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Pukhraj Suthar Simple Responsive Menu allows Stored XSS. This issue affects Simple Responsive Menu: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26511	Cassandra-Lucene-Index allows bypass of Cassandra RBAC Description: Systems running the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0, installed into Apache Cassandra version 4.x, are susceptible to a vulnerability which when successfully exploited could allow authenticated Cassandra users to remotely bypass RBAC and escalate their privileges. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26473	Outback Power Mojave Inverter Use of GET Request Method With Sensitive Query Strings Description: The Mojave Inverter uses the GET method for sensitive information. CVSS: HIGH (7.5) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)