CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-32260	WordPress DethemeKit For Elementor plugin <= 2.1.10 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects DethemeKit For Elementor: from n/a through 2.1.10. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32259	WordPress WP ULike plugin <= 4.7.9.1 - Content Spoofing Vulnerability Description: Missing Authorization vulnerability in Alimir WP ULike. This issue affects WP ULike: from n/a through 4.7.9.1. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32244	WordPress SEO Help plugin <= 6.6.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in QuantumCloud SEO Help allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SEO Help: from n/a through 6.6.1. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32243	WordPress Internal Link Optimiser plugin <= 5.1.2 - Settings Change vulnerability Description: Missing Authorization vulnerability in Toast Plugins Internal Link Optimiser allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Link Optimiser: from n/a through 5.1.2. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32242	WordPress Hive Support plugin <= 1.2.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Hive Support Hive Support allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Hive Support: from n/a through 1.2.2. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32240	WordPress Site Notify <= 1.0 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in NotFound Site Notify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Site Notify: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32236	WordPress Woocommerce Products Reorder Drag Drop Multiple Sort plugin <= 1.9 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Vagonic Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic. This issue affects Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic: from n/a through 1.9. CVSS: MEDIUM (4.3) EPSS Score: 0.03% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32230	WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Themeum Tutor LMS. This issue affects Tutor LMS: from n/a through 3.4.0. CVSS: MEDIUM (4.3) EPSS Score: 0.03% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32228	WordPress Ai Image Alt Text Generator for WP plugin <= 1.0.8 - Sensitive Data Exposure vulnerability Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah Ai Image Alt Text Generator for WP. This issue affects Ai Image Alt Text Generator for WP: from n/a through 1.0.8. CVSS: MEDIUM (4.3) EPSS Score: 0.03% Source: CVE April 10th, 2025 (2 months ago)
CVE-2025-32227	WordPress Asgaros Forum plugin <= 3.0.0 - File Upload Numbers Bypass vulnerability Description: Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing. This issue affects Asgaros Forum: from n/a through 3.0.0. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE April 10th, 2025 (2 months ago)