CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-32265	WordPress JobWP plugin <= 2.3.9 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.3.9. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32264	WordPress UltraAddons – Elementor Addons plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite allows Cross Site Request Forgery. This issue affects UltraAddons Elementor Lite: from n/a through 2.0.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32263	WordPress Sequential Order Numbers for WooCommerce plugin <= 3.6.2 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce allows Cross Site Request Forgery. This issue affects Sequential Order Numbers for WooCommerce: from n/a through 3.6.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32262	WordPress RDP Wiki Embed plugin <= 1.2.20 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed allows Cross Site Request Forgery. This issue affects RDP Wiki Embed: from n/a through 1.2.20. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32261	WordPress Advanced All in One Admin Search by WP Spotlight <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced All in One Admin Search by WP Spotlight allows Cross Site Request Forgery. This issue affects Advanced All in One Admin Search by WP Spotlight: from n/a through 1.1.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32258	WordPress Simple Website Logo plugin <= 1.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in InfoGiants Simple Website Logo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Website Logo: from n/a through 1.1. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32257	WordPress 1 Click WordPress Migration Plugin <= 2.2 - Sensitive Data Exposure vulnerability Description: Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration allows Retrieve Embedded Sensitive Data. This issue affects 1 Click WordPress Migration: from n/a through 2.2. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32256	WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in devsoftbaltic SurveyJS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SurveyJS: from n/a through 1.12.20. CVSS: MEDIUM (5.3) EPSS Score: 0.05% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32255	WordPress StaffList plugin <= 3.2.6 - Sensitive Data Exposure vulnerability Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ERA404 StaffList allows Retrieve Embedded Sensitive Data. This issue affects StaffList: from n/a through 3.2.6. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (3 months ago)
CVE-2025-32254	WordPress WPBookit plugin <= 1.0.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Iqonic Design WPBookit allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WPBookit: from n/a through 1.0.1. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE April 4th, 2025 (3 months ago)