CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-31736	WordPress Rich Text Editor Plugin <= 1.0.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in richtexteditor Rich Text Editor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rich Text Editor: from n/a through 1.0.1. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31729	WordPress WooTumblog plugin <= 2.1.4 - Content Injection vulnerability Description: Missing Authorization vulnerability in jeffikus WooTumblog allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooTumblog: from n/a through 2.1.4. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31622	WordPress Advanced Typekit plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Utkarsh Kukreti Advanced Typekit allows Stored XSS. This issue affects Advanced Typekit: from n/a through 1.0.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31581	WordPress WP Video Playlist plugin <= 1.1.2 - Settings Change vulnerability Description: Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Video Playlist: from n/a through 1.1.2. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31558	WordPress TailPress plugin <= 0.4.4 - Sensitive Data Exposure vulnerability Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Greg TailPress allows Retrieve Embedded Sensitive Data. This issue affects TailPress: from n/a through 0.4.4. CVSS: MEDIUM (5.8) EPSS Score: 0.04% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31554	WordPress Docxpresso plugin <= 2.6 - Arbitrary File Download vulnerability Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in docxpresso Docxpresso allows Absolute Path Traversal. This issue affects Docxpresso: from n/a through 2.6. CVSS: MEDIUM (5.9) EPSS Score: 0.06% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31541	WordPress TuriTop Booking System plugin <= 1.0.10 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in turitop TuriTop Booking System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TuriTop Booking System: from n/a through 1.0.10. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-31091	WordPress CM Header and Footer <= 1.2.4 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Header and Footer allows Stored XSS. This issue affects CM Header and Footer: from n/a through 1.2.4. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-30916	WordPress Residential Address Detection plugin <= 2.5.4 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in enituretechnology Residential Address Detection allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Residential Address Detection: from n/a through 2.5.4. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 3rd, 2025 (2 months ago)
CVE-2025-30915	WordPress Small Package Quotes – Worldwide Express Edition plugin <= 5.2.19 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through 5.2.19. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 3rd, 2025 (2 months ago)