CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23965	WordPress Kopa Nictitate Toolkit plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kopatheme Kopa Nictitate Toolkit allows Stored XSS.This issue affects Kopa Nictitate Toolkit: from n/a through 1.0.2. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23963	WordPress Mark Posts plugin <= 2.2.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Sven Hofmann & Michael Schoenrock Mark Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through 2.2.3. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23962	WordPress Goldstar plugin <= 2.1.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Goldstar Goldstar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Goldstar: from n/a through 2.1.1. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23961	WordPress WordPress Graphs & Charts Plugin <= 2.0.8 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in WP Tasker WordPress Graphs & Charts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Graphs & Charts: from n/a through 2.0.8. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23957	WordPress Sur.ly plugin <= 3.0.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Sur.ly Sur.ly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through 3.0.3. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23955	WordPress Xola plugin <= 1.6 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in xola.com Xola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through 1.6. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23954	WordPress Salvador – AI Image Generator plugin <= 1.0.11 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in AWcode & KingfisherFox Salvador – AI Image Generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salvador – AI Image Generator: from n/a through 1.0.11. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23951	WordPress Gallery: Hybrid – Advanced Visual Gallery plugin <= 1.4.0.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DivEngine Gallery: Hybrid – Advanced Visual Gallery allows Stored XSS.This issue affects Gallery: Hybrid – Advanced Visual Gallery: from n/a through 1.4.0.2. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23950	WordPress EZPlayer plugin <= 1.0.10 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Said Shiripour EZPlayer allows Stored XSS.This issue affects EZPlayer: from n/a through 1.0.10. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23947	WordPress WP-Player plugin <= 2.6.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M.J WP-Player allows Stored XSS.This issue affects WP-Player: from n/a through 2.6.1. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)