CyberAlerts

CVE-2025-31753

WordPress Advanced Speed Increaser Plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in Animesh Kumar Advanced Speed Increaser. This issue affects Advanced Speed Increaser: from n/a through 2.2.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31628

WordPress Sliced Invoices plugin <= 3.9.4 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in SlicedInvoices Sliced Invoices. This issue affects Sliced Invoices: from n/a through 3.9.4.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31550

WordPress WP-LESS plugin <= 1.9.3-3 - Sensitive Data Exposure vulnerability

Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS allows Retrieve Embedded Sensitive Data. This issue affects WP-LESS: from 1.9.3 through 3.

CVSS: MEDIUM (5.8)

EPSS Score: 0.04%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31525

WordPress WP Mobile Bottom Menu plugin <= 1.2.9 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in WP Messiah WP Mobile Bottom Menu allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Mobile Bottom Menu: from n/a through 1.2.9.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-30853

WordPress ShortPixel Adaptive Images plugin <= 3.10.0 - Broken Authentication vulnerability

Description: Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ShortPixel Adaptive Images: from n/a through 3.10.0.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31897

WordPress Arrow Custom Feed for Twitter plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arrow Plugins Arrow Custom Feed for Twitter allows Stored XSS. This issue affects Arrow Custom Feed for Twitter: from n/a through 1.5.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31895

WordPress ABC Notation Plugin <= 6.1.3 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in paulrosen ABC Notation allows Stored XSS. This issue affects ABC Notation: from n/a through 6.1.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31894

WordPress Ebook Downloader plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infoway LLC Ebook Downloader allows Stored XSS. This issue affects Ebook Downloader: from n/a through 1.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31892

WordPress WP Crowdfunding plugin <= 2.1.13 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS. This issue affects WP Crowdfunding: from n/a through 2.1.13.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 1st, 2025 (20 days ago)

CVE-2025-31891

WordPress Gosign – Posts Slider Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gosign Gosign – Posts Slider Block allows Stored XSS. This issue affects Gosign – Posts Slider Block: from n/a through 1.1.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 1st, 2025 (20 days ago)

Threat and Vulnerability Intelligence Database

Example Searches: