CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-28874	WordPress BP Email Assign Templates By shanebp plugin <= 1.6 - Arbitrary Content Deletion vulnerability Description: Authorization Bypass Through User-Controlled Key vulnerability in shanebp BP Email Assign Templates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BP Email Assign Templates: from n/a through 1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28872	WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Block Spam By Math Reloaded: from n/a through 2.2.4. CVSS: MEDIUM (5.3) EPSS Score: 0.06% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28871	WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jwpegram Block Spam By Math Reloaded allows Stored XSS. This issue affects Block Spam By Math Reloaded: from n/a through 2.2.4. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28870	WordPress amoCRM WebForm plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in amocrm amoCRM WebForm allows DOM-Based XSS. This issue affects amoCRM WebForm: from n/a through 1.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28868	WordPress ZipList Recipe plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in ZipList ZipList Recipe allows Cross Site Request Forgery. This issue affects ZipList Recipe: from n/a through 3.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28867	WordPress Frontpage category filter plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in stesvis Frontpage category filter allows Cross Site Request Forgery. This issue affects Frontpage category filter: from n/a through 1.0.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28866	WordPress Login Logger plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in smerriman Login Logger allows Cross Site Request Forgery. This issue affects Login Logger: from n/a through 1.2.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28864	WordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Planet Studio Builder for Contact Form 7 by Webconstruct allows Cross Site Request Forgery. This issue affects Builder for Contact Form 7 by Webconstruct: from n/a through 1.2.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28863	WordPress Delete Original Image plugin <= 0.4 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Carlos Minatti Delete Original Image allows Cross Site Request Forgery. This issue affects Delete Original Image: from n/a through 0.4. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (3 months ago)
CVE-2025-28862	WordPress Comment Date and Gravatar remover plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Comment Date and Gravatar remover allows Cross Site Request Forgery. This issue affects Comment Date and Gravatar remover: from n/a through 1.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (3 months ago)