CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-50050
WordPress Jobs for WordPress plugin <= 2.7.12 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress allows Stored XSS. This issue affects Jobs for WordPress: from n/a through 2.7.12.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50049
WordPress Modern Footnotes plugin <= 1.4.19 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prismtechstudios Modern Footnotes allows Stored XSS. This issue affects Modern Footnotes: from n/a through 1.4.19.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50048
WordPress Automatically Hierarchic Categories in Menu plugin <= 2.0.9 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atakan Au Automatically Hierarchic Categories in Menu allows Stored XSS. This issue affects Automatically Hierarchic Categories in Menu: from n/a through 2.0.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50047
WordPress Sitekit plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Sitekit allows Stored XSS. This issue affects Sitekit: from n/a through 1.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50046
WordPress WPComplete plugin <= 2.9.5 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP WPComplete allows Stored XSS. This issue affects WPComplete: from n/a through 2.9.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50045
WordPress Related Products Manager for WooCommerce plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProWCPlugins Related Products Manager for WooCommerce allows DOM-Based XSS. This issue affects Related Products Manager for WooCommerce: from n/a through 1.6.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50044
WordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) Vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager allows Cross Site Request Forgery. This issue affects Real Estate Manager: from n/a through 7.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.02%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50043
WordPress Code Engine plugin <= 0.3.2 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Code Engine allows Stored XSS. This issue affects Code Engine: from n/a through 0.3.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50042
WordPress WP Register Profile With Shortcode plugin <= 3.6.1 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com WP Register Profile With Shortcode allows Stored XSS. This issue affects WP Register Profile With Shortcode: from n/a through 3.6.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)

CVE-2025-50041
WordPress Gutenberg Blocks – ACF Blocks Suite plugin <= 2.6.11 - Cross Site Scripting (XSS) Vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Engine Gutenberg Blocks – ACF Blocks Suite allows Stored XSS. This issue affects Gutenberg Blocks – ACF Blocks Suite: from n/a through 2.6.11.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
June 20th, 2025 (3 days ago)