CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30535	WordPress External image replace plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace allows Cross Site Request Forgery. This issue affects External image replace: from n/a through 1.0.8. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30534	WordPress Image Captcha plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in captcha.soft Image Captcha allows Cross Site Request Forgery. This issue affects Image Captcha: from n/a through 1.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30533	WordPress Message ticker plugin <= 9.3 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker allows Stored XSS. This issue affects Message ticker: from n/a through 9.3. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30532	WordPress Weather Layer plugin <= 4.2.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MorganF Weather Layer allows Stored XSS. This issue affects Weather Layer: from n/a through 4.2.1. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30531	WordPress WP Ride Booking plugin <= 2.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking allows Cross Site Request Forgery. This issue affects WP Ride Booking: from n/a through 2.4. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30530	WordPress AI Preloader plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atikul AI Preloader allows Stored XSS. This issue affects AI Preloader: from n/a through 1.0.2. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30529	WordPress Auto Load Next Post plugin <= 1.5.14 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Sébastien Dumont Auto Load Next Post allows Cross Site Request Forgery. This issue affects Auto Load Next Post: from n/a through 1.5.14. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30527	WordPress My Bootstrap Menu plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetoolbox My Bootstrap Menu allows Stored XSS. This issue affects My Bootstrap Menu: from n/a through 1.2.1. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30526	WordPress Typekit plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in lucksy Typekit plugin for WordPress allows Cross Site Request Forgery. This issue affects Typekit plugin for WordPress: from n/a through 1.2.3. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30521	WordPress GP Back To Top plugin <= 3.0 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in giangmd93 GP Back To Top allows Cross Site Request Forgery. This issue affects GP Back To Top: from n/a through 3.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)