CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30599	WordPress WP Parallax Content Slider plugin <= 0.9.8 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp-maverick WP Parallax Content Slider allows Stored XSS. This issue affects WP Parallax Content Slider: from n/a through 0.9.8. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30598	WordPress OSS Upload - <= <= 4.8.9 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Link OSS Upload allows Cross Site Request Forgery. This issue affects OSS Upload: from n/a through 4.8.9. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30597	WordPress IG Shortcodes - <= <= 3.1 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iografica IG Shortcodes allows DOM-Based XSS. This issue affects IG Shortcodes: from n/a through 3.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30595	WordPress include-file - <= <= 1 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tstafford include-file allows Stored XSS. This issue affects include-file: from n/a through 1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30593	WordPress Include URL - <= <= 0.3.5 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk Include URL allows Stored XSS. This issue affects Include URL: from n/a through 0.3.5. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30592	WordPress Advanced Dewplayer - <= <= 1.6 Broken Access Control Vulnerability Description: Missing Authorization vulnerability in westerndeal Advanced Dewplayer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Dewplayer: from n/a through 1.6. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30591	WordPress Music Press Pro - <= <= 1.4.6 Broken Access Control Vulnerability Description: Missing Authorization vulnerability in tuyennv Music Press Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Music Press Pro: from n/a through 1.4.6. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30585	WordPress Generate Post Thumbnails - <= <= 0.8 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in marynixie Generate Post Thumbnails allows Cross Site Request Forgery. This issue affects Generate Post Thumbnails: from n/a through 0.8. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30581	WordPress Top Bar - <= <=3.3 Broken Access Control Vulnerability Description: Missing Authorization vulnerability in PluginOps Top Bar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Top Bar: from n/a through 3.3. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30576	WordPress Hacklog Remote Image Autosave - <= <= 2.1.0 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave allows Cross Site Request Forgery. This issue affects Hacklog Remote Image Autosave: from n/a through 2.1.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)