CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Out-of-bounds read vulnerability in Cente middleware Description: Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NXTech Co., Ltd. contains an out-of-bounds read vulnerability. Source: Japan Vulnerability Notes (JVN) February 14th, 2025 (5 months ago)
	Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks Source: TheRegister February 14th, 2025 (5 months ago)
CVE-2025-26582	WordPress TinyMCE Advanced qTranslate fix editor problems plugin <= 1.0.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Blackbam TinyMCE Advanced qTranslate fix editor problems allows Stored XSS. This issue affects TinyMCE Advanced qTranslate fix editor problems: from n/a through 1.0.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26580	WordPress Page/Post Specific Social Share Buttons plugin <= 2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in CompleteWebResources Page/Post Specific Social Share Buttons allows Stored XSS. This issue affects Page/Post Specific Social Share Buttons: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26578	WordPress Simple Documentation plugin <= 1.2.8 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in mathieuhays Simple Documentation allows Stored XSS. This issue affects Simple Documentation: from n/a through 1.2.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26577	WordPress DX-auto-publish plugin <= 1.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in daxiawp DX-auto-publish allows Stored XSS. This issue affects DX-auto-publish: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26574	WordPress Google Drive WP Media plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moch Amir Google Drive WP Media allows Stored XSS. This issue affects Google Drive WP Media: from n/a through 2.4.4. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26572	WordPress WP PHPList Plugin <= 1.7 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jesseheap WP PHPList allows Cross Site Request Forgery. This issue affects WP PHPList: from n/a through 1.7. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26571	WordPress Wibiya Toolbar plugin <= 2.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in wibiya Wibiya Toolbar allows Cross Site Request Forgery. This issue affects Wibiya Toolbar: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2025-26570	WordPress Glance That plugin <= 4.9 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That allows Cross Site Request Forgery. This issue affects Glance That: from n/a through 4.9. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)