CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-31457	WordPress LWS SMS <= 2.4.1 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Aurélien LWS LWS SMS allows Cross Site Request Forgery. This issue affects LWS SMS: from n/a through 2.4.1. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31456	WordPress Ultimate Security Checker plugin <= 4.2 - Cross Site Request Forgery (CSRF) to Security Rescan vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker allows Cross Site Request Forgery. This issue affects Ultimate Security Checker: from n/a through 4.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31453	WordPress YouTube SimpleGallery <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stian Andreassen YouTube SimpleGallery allows Stored XSS. This issue affects YouTube SimpleGallery: from n/a through 2.0.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31452	WordPress WP Ultimate Search <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mindshare Labs, Inc. WP Ultimate Search allows Stored XSS. This issue affects WP Ultimate Search: from n/a through 2.0.3. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31451	WordPress wBounce <= 1.8.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kevinweber wBounce allows Stored XSS. This issue affects wBounce: from n/a through 1.8.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31450	WordPress Toggle Box <= 1.6 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phantom.omaga Toggle Box allows Stored XSS. This issue affects Toggle Box: from n/a through 1.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31449	WordPress The Visitor Counter plugin <= 1.4.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in EricH The Visitor Counter allows Stored XSS. This issue affects The Visitor Counter: from n/a through 1.4.3. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31448	WordPress Simple Trackback Disabler <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in misteraon Simple Trackback Disabler allows Cross Site Request Forgery. This issue affects Simple Trackback Disabler: from n/a through 1.4. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31447	WordPress NertWorks All in One Social Share Tools <=1.26 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in nertworks NertWorks All in One Social Share Tools allows Cross Site Request Forgery. This issue affects NertWorks All in One Social Share Tools: from n/a through 1.26. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31444	WordPress ShowTime Slideshow plugin <= 1.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in youtag ShowTime Slideshow allows Stored XSS. This issue affects ShowTime Slideshow: from n/a through 1.6. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)