CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26926	WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in NotFound Booknetic. This issue affects Booknetic: from n/a through 4.0.9. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26913	WordPress AR for WordPress plugin <= 7.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webandprint AR For WordPress allows DOM-Based XSS. This issue affects AR For WordPress: from n/a through 7.7. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26912	WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Easy Elementor Addons allows Stored XSS. This issue affects Easy Elementor Addons: from n/a through 2.1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26911	WordPress System Dashboard plugin <= 2.8.18 - Sensitive Data Exposure vulnerability Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Bowo System Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects System Dashboard: from n/a through 2.8.18. CVSS: MEDIUM (4.3) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26904	WordPress WP Responsive Auto Fit Text plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gal_op WP Responsive Auto Fit Text allows DOM-Based XSS. This issue affects WP Responsive Auto Fit Text: from n/a through 0.2. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26897	WordPress List Related Attachments plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Baden List Related Attachments allows DOM-Based XSS. This issue affects List Related Attachments: from n/a through 2.1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26896	WordPress PiwigoPress plugin <= 2.33 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vpiwigo PiwigoPress allows Stored XSS. This issue affects PiwigoPress: from n/a through 2.33. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26893	WordPress Easy Charts plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kiran Potphode Easy Charts allows DOM-Based XSS. This issue affects Easy Charts: from n/a through 1.2.3. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26891	WordPress Ibtana – WordPress Website Builder plugin <= 1.2.4.9 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VW THEMES Ibtana allows Stored XSS. This issue affects Ibtana: from n/a through 1.2.4.9. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26887	WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows Stored XSS. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.21.35. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)