CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22744	WordPress S-DEV SEO plugin <= 1.88 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob von Bothmer / SeoDev S-DEV SEO allows Stored XSS.This issue affects S-DEV SEO: from n/a through 1.88. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22743	WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian Shortcode: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22742	WordPress WP ViewSTL plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in falldeaf WP ViewSTL allows DOM-Based XSS.This issue affects WP ViewSTL: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22738	WordPress WP ULike plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TechnoWich WP ULike allows Stored XSS.This issue affects WP ULike: from n/a through 4.7.6. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22737	WordPress WpTravelly Plugin <= 1.8.5 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.8.5. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22734	WordPress Posts Footer Manager Plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Posts Footer Manager allows Stored XSS.This issue affects Posts Footer Manager: from n/a through 2.1.0. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22731	WordPress Build Private Store For Woocommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Build Private Store For Woocommerce allows Cross Site Request Forgery.This issue affects Build Private Store For Woocommerce: from n/a through 1.0. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22729	WordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VOD Infomaniak: from n/a through 1.5.9. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22724	WordPress Product Carousel For WooCommerce – WoorouSell plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MojofyWP Product Carousel For WooCommerce – WoorouSell allows Stored XSS.This issue affects Product Carousel For WooCommerce – WoorouSell: from n/a through 1.1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)
CVE-2025-22587	WordPress SEO Bulk Editor plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NCiphers SEO Bulk Editor allows Stored XSS.This issue affects SEO Bulk Editor: from n/a through 1.1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (5 months ago)