CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-49282	WordPress Magze <= 1.0.9 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magze allows PHP Local File Inclusion. This issue affects Magze: from n/a through 1.0.9. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49281	WordPress Magways <= 1.2.1 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magways allows PHP Local File Inclusion. This issue affects Magways: from n/a through 1.2.1. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49280	WordPress Magty <= 1.0.6 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magty allows PHP Local File Inclusion. This issue affects Magty: from n/a through 1.0.6. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49279	WordPress Blogvy <= 1.0.7 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogvy allows PHP Local File Inclusion. This issue affects Blogvy: from n/a through 1.0.7. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49278	WordPress Blogty <= 1.0.11 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogty allows PHP Local File Inclusion. This issue affects Blogty: from n/a through 1.0.11. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49277	WordPress Blogprise <= 1.0.9 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogprise allows PHP Local File Inclusion. This issue affects Blogprise: from n/a through 1.0.9. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49276	WordPress Blogmine <= 1.1.7 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogmine allows PHP Local File Inclusion. This issue affects Blogmine: from n/a through 1.1.7. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49275	WordPress Blogbyte <= 1.1.1 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogbyte allows PHP Local File Inclusion. This issue affects Blogbyte: from n/a through 1.1.1. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-49265	WordPress Membership For WooCommerce <= 2.8.1 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Membership For WooCommerce: from n/a through 2.8.1. CVSS: HIGH (7.5) EPSS Score: 0.04% Source: CVE June 9th, 2025 (7 days ago)
CVE-2025-48281	WordPress MyStyle Custom Product Designer <= 3.21.1 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mystyleplatform MyStyle Custom Product Designer allows Blind SQL Injection. This issue affects MyStyle Custom Product Designer: from n/a through 3.21.1. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE June 9th, 2025 (7 days ago)