CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-31845	WordPress Theme Duplicator Plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Rohit Choudhary Theme Duplicator allows Cross Site Request Forgery. This issue affects Theme Duplicator: from n/a through 1.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31844	WordPress Magical Blocks plugin <= 1.0.10 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Blocks allows Stored XSS. This issue affects Magical Blocks: from n/a through 1.0.10. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31843	WordPress OpenAI Tools for WordPress & WooCommerce plugin <= 2.1.5 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for WordPress & WooCommerce: from n/a through 2.1.5. CVSS: MEDIUM (4.3) EPSS Score: 0.03% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31842	WordPress Viral Loops WP Integration Plugin <= 3.4.0 - Sensitive Data Exposure vulnerability Description: Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. This issue affects Viral Loops WP Integration: from n/a through 3.4.0. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31840	WordPress Simple Fixed Notice Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in digireturn Simple Fixed Notice allows Cross Site Request Forgery. This issue affects Simple Fixed Notice: from n/a through 1.6. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31839	WordPress Footer Contacts Bar Plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in digireturn DN Footer Contacts allows Cross Site Request Forgery. This issue affects DN Footer Contacts: from n/a through 1.8. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31838	WordPress Eventbee RSVP Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eventbee Eventbee RSVP Widget allows DOM-Based XSS. This issue affects Eventbee RSVP Widget: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31837	WordPress WP Proposals plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31836	WordPress Review Manager Plugin <= 2.2.0 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in matthewrubin Review Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Review Manager: from n/a through 2.2.0. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-31835	WordPress WP Plugin Info Card plugin <= 5.2.5 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brice Capobianco WP Plugin Info Card allows DOM-Based XSS. This issue affects WP Plugin Info Card: from n/a through 5.2.5. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE April 1st, 2025 (3 months ago)