CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30575	WordPress Login Redirect - <= <= 1.0.5 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arefly Login Redirect allows Stored XSS. This issue affects Login Redirect: from n/a through 1.0.5. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30574	WordPress Mobile Navigation - <= <= 1.5 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jenst Mobile Navigation allows Stored XSS. This issue affects Mobile Navigation: from n/a through 1.5. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30573	WordPress My Default Post Content - <= <= 0.7.3 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrdenny My Default Post Content allows Stored XSS. This issue affects My Default Post Content: from n/a through 0.7.3. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30568	WordPress Super Static Cache - <= <= 3.3.5 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in hitoy Super Static Cache allows Cross Site Request Forgery. This issue affects Super Static Cache: from n/a through 3.3.5. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30566	WordPress Clink - <= <= 1.2.2 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aryan Themes Clink allows DOM-Based XSS. This issue affects Clink: from n/a through 1.2.2. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30557	WordPress Easy 301 Redirects plugin <= 1.33 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in odihost Easy 301 Redirects allows Cross Site Request Forgery. This issue affects Easy 301 Redirects: from n/a through 1.33. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30556	WordPress Fix Rss Feeds plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in flyaga Fix Rss Feeds allows Cross Site Request Forgery. This issue affects Fix Rss Feeds: from n/a through 3.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30553	WordPress GMO Font Agent plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Z.com byGMO GMO Font Agent allows Stored XSS. This issue affects GMO Font Agent: from n/a through 1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30551	WordPress Pretty file links plugin <= 0.9 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartredfox Pretty file links allows Stored XSS. This issue affects Pretty file links: from n/a through 0.9. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30549	WordPress Yummly Rich Recipes plugin <= 4.2 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Yummly Yummly Rich Recipes allows Cross Site Request Forgery. This issue affects Yummly Rich Recipes: from n/a through 4.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)