CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30880	WordPress JS Help Desk plugin <= 2.9.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in JoomSky JS Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Help Desk: from n/a through 2.9.2. CVSS: HIGH (7.5) EPSS Score: 0.05% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30878	WordPress JS Help Desk plugin <= 2.9.2 - Arbitrary File Deletion vulnerability Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk allows Path Traversal. This issue affects JS Help Desk: from n/a through 2.9.2. CVSS: HIGH (8.6) EPSS Score: 0.06% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30876	WordPress Ads by WPQuads plugin <= 2.0.87.1 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ads by WPQuads Ads by WPQuads allows SQL Injection. This issue affects Ads by WPQuads: from n/a through 2.0.87.1. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30870	WordPress WP Travel Engine plugin <= 6.3.5 - Local File Inclusion vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30869	WordPress Image Wall plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Parakoos Image Wall allows Reflected XSS. This issue affects Image Wall: from n/a through 3.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30849	WordPress Essential Real Estate plugin <= 5.2.0 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.0. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30848	WordPress Hostel plugin <= 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Hostel allows Reflected XSS. This issue affects Hostel: from n/a through 1.1.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30840	WordPress xili-dictionary plugin <= 2.12.5 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-dictionary allows Reflected XSS. This issue affects xili-dictionary: from n/a through 2.12.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30837	WordPress WooCommerce Fattureincloud plugin <= 2.6.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristiano Zanca WooCommerce Fattureincloud allows Reflected XSS. This issue affects WooCommerce Fattureincloud: from n/a through 2.6.7. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE April 1st, 2025 (3 months ago)
CVE-2025-30834	WordPress Bit Assist plugin <= 1.5.4 - Path Traversal vulnerability Description: Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit Assist: from n/a through 1.5.4. CVSS: HIGH (7.5) EPSS Score: 0.05% Source: CVE April 1st, 2025 (3 months ago)