CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-47676	WordPress User Login History <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faiyaz Alam User Login History allows Stored XSS. This issue affects User Login History: from n/a through 2.1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47675	WordPress Woobox <= 1.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox allows DOM-Based XSS. This issue affects Woobox: from n/a through 1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47674	WordPress Credova_Financial <= 2.5.0 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Credova Financial Credova_Financial allows Cross Site Request Forgery. This issue affects Credova_Financial: from n/a through 2.5.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47669	WordPress CBX Map for Google Map & OpenStreetMap <= 1.1.12 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap allows DOM-Based XSS. This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.12. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47668	WordPress CookieCode <= 2.4.4 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode allows Stored XSS. This issue affects CookieCode: from n/a through 2.4.4. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47667	WordPress LiveAgent <= 4.4.7 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in qusupport LiveAgent allows Cross Site Request Forgery. This issue affects LiveAgent: from n/a through 4.4.7. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47665	WordPress N360 \| Splash Screen <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 \| Splash Screen allows Stored XSS. This issue affects N360 \| Splash Screen: from n/a through 1.0.6. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47664	WordPress WP Pipes <= 1.4.2 - Server Side Request Forgery (SSRF) Vulnerability Description: Server-Side Request Forgery (SSRF) vulnerability in ThimPress WP Pipes allows Server Side Request Forgery. This issue affects WP Pipes: from n/a through 1.4.2. CVSS: MEDIUM (4.4) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47662	WordPress Woobox <= 1.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox allows Stored XSS. This issue affects Woobox: from n/a through 1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE May 7th, 2025 (about 2 months ago)
CVE-2025-47661	WordPress 워드프레스 결제 심플페이 <= 5.2.11 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 allows Cross Site Request Forgery. This issue affects 워드프레스 결제 심플페이: from n/a through 5.2.11. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE May 7th, 2025 (about 2 months ago)