CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-24551	WordPress Radio Buttons and Swatches for WooCommerce plugin <= 1.1.20 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OneTeamSoftware Radio Buttons and Swatches for WooCommerce allows Reflected XSS. This issue affects Radio Buttons and Swatches for WooCommerce: from n/a through 1.1.20. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-24549	WordPress Post Meta plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mahbubur Rahman Post Meta allows Reflected XSS. This issue affects Post Meta: from n/a through 1.0.9. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-24535	WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Donation allows Reflected XSS. This issue affects SKT Donation: from n/a through 1.9. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-24534	WordPress DPortfolio plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emili Castells DPortfolio allows Reflected XSS. This issue affects DPortfolio: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-23990	WordPress Scroll Styler plugin <= 1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler. This issue affects Scroll Styler: from n/a through 1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-23989	WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi - SabLab Internal Link Builder allows Cross Site Request Forgery. This issue affects Internal Link Builder: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-23980	WordPress Full Circle plugin <= 0.5.7.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle allows Stored XSS. This issue affects Full Circle: from n/a through 0.5.7.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-23978	WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This issue affects FlashCounter: from n/a through 1.1.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-23977	WordPress Post Carousel Slider plugin <= 2.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Post Carousel Slider allows Stored XSS. This issue affects Post Carousel Slider: from n/a through 2.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)
CVE-2025-23976	WordPress Issuu Panel plugin <= 2.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Pedro Marcelo Issuu Panel allows Stored XSS. This issue affects Issuu Panel: from n/a through 2.1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 1st, 2025 (6 months ago)