CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Ransomware Attack Update for the 11th of March 2025 Description: Ransomware Attack Update for the 11th of March 2025 Source: DarkWebInformer March 11th, 2025 (4 months ago)
	Threat Attack Daily - March 11th, 2025 Description: Threat Attack Daily - March 11th, 2025 Source: DarkWebInformer March 11th, 2025 (4 months ago)
CVE-2025-28943	WordPress DP ALTerminator - Missing ALT manager Plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mylo2h2s DP ALTerminator - Missing ALT manager allows Stored XSS. This issue affects DP ALTerminator - Missing ALT manager: from n/a through 1.0.2. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28941	WordPress SPAM-BYBYE Plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in ohtan Spam Byebye allows Cross Site Request Forgery. This issue affects Spam Byebye: from n/a through 2.2.4. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28940	WordPress Back To Top Plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in arkapravamajumder Back To Top allows Cross Site Request Forgery. This issue affects Back To Top: from n/a through 2.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28938	WordPress WP Performance Pack plugin <= 2.5.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Bjoern WP Performance Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Performance Pack: from n/a through 2.5.3. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28937	WordPress Lava Ajax Search plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lavacode Lava Ajax Search allows Stored XSS. This issue affects Lava Ajax Search: from n/a through 1.1.9. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28936	WordPress Lunar plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sakurapixel Lunar allows Stored XSS. This issue affects Lunar: from n/a through 1.3.0. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28933	WordPress MaxA/B plugin <= 2.2.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in maxfoundry MaxA/B allows Stored XSS. This issue affects MaxA/B: from n/a through 2.2.2. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-28932	WordPress Insert Code plugin <= 2.4 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in BCS Website Solutions Insert Code allows Stored XSS. This issue affects Insert Code: from n/a through 2.4. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)