CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-31450	WordPress Toggle Box <= 1.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phantom.omaga Toggle Box allows Stored XSS. This issue affects Toggle Box: from n/a through 1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31448	WordPress Simple Trackback Disabler <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in misteraon Simple Trackback Disabler allows Cross Site Request Forgery. This issue affects Simple Trackback Disabler: from n/a through 1.4. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31447	WordPress NertWorks All in One Social Share Tools <=1.26 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in nertworks NertWorks All in One Social Share Tools allows Cross Site Request Forgery. This issue affects NertWorks All in One Social Share Tools: from n/a through 1.26. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31439	WordPress Browser Caching with .htaccess 1.2.1 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in tobias_.MerZ Browser Caching with .htaccess allows Cross Site Request Forgery. This issue affects Browser Caching with .htaccess: from 1.2.1 through n/a. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31438	WordPress WP Supersized <= 3.1.6 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Benoit De Boeck WP Supersized allows Cross Site Request Forgery. This issue affects WP Supersized: from n/a through 3.1.6. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31437	WordPress WP-OGP <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Miller WP-OGP allows Stored XSS. This issue affects WP-OGP: from n/a through 1.0.5. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31434	WordPress FormLift for Infusionsoft Web Forms <= 7.5.19 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Stored XSS. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.19. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31433	WordPress Magic Embeds <= 3.1.2 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Miguel Sirvent Magic Embeds allows Stored XSS. This issue affects Magic Embeds: from n/a through 3.1.2. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31096	WordPress PostX <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX allows DOM-Based XSS. This issue affects PostX: from n/a through 4.1.25. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31094	WordPress WP Posts Carousel <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.8. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)