CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-32257	WordPress 1 Click WordPress Migration Plugin <= 2.2 - Sensitive Data Exposure vulnerability Description: Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration allows Retrieve Embedded Sensitive Data. This issue affects 1 Click WordPress Migration: from n/a through 2.2. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32256	WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in devsoftbaltic SurveyJS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SurveyJS: from n/a through 1.12.20. CVSS: MEDIUM (5.3) EPSS Score: 0.05% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32255	WordPress StaffList plugin <= 3.2.6 - Sensitive Data Exposure vulnerability Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ERA404 StaffList allows Retrieve Embedded Sensitive Data. This issue affects StaffList: from n/a through 3.2.6. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32254	WordPress WPBookit plugin <= 1.0.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Iqonic Design WPBookit allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WPBookit: from n/a through 1.0.1. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32253	WordPress Course Booking System Plugin <= 6.0.5 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in ComMotion Course Booking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Course Booking System: from n/a through 6.0.5. CVSS: MEDIUM (5.3) EPSS Score: 0.05% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32252	WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in blackandwhitedigital WP Genealogy – Your Family History Website allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Genealogy – Your Family History Website: from n/a through 0.1.9. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32251	WordPress Jetpack Feedback Exporter <= 1.23 - Sensitive Data Exposure Vulnerability Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in J. Tyler Wiest Jetpack Feedback Exporter allows Retrieve Embedded Sensitive Data. This issue affects Jetpack Feedback Exporter: from n/a through 1.23. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32250	WordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar allows Cross Site Request Forgery. This issue affects Rollbar: from n/a through 2.7.1. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32249	WordPress DirectoryPress – Business Directory And Classified Ad Listing Plugin <=3.6.19 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in designinvento DirectoryPress allows Cross Site Request Forgery. This issue affects DirectoryPress: from n/a through 3.6.19. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE April 4th, 2025 (2 months ago)
CVE-2025-32248	WordPress SwiftXR (3D/AR/VR) Viewer plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in SwiftXR SwiftXR (3D/AR/VR) Viewer allows Cross Site Request Forgery. This issue affects SwiftXR (3D/AR/VR) Viewer: from n/a through 1.0.7. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE April 4th, 2025 (2 months ago)