CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-31102	WordPress Hostel plugin <= 1.1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Hostel allows Reflected XSS. This issue affects Hostel: from n/a through 1.1.5.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31099	WordPress Slider by BestWebSoft <= 1.1.0 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bestwebsoft Slider by BestWebSoft allows SQL Injection. This issue affects Slider by BestWebSoft: from n/a through 1.1.0. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31096	WordPress PostX <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX allows DOM-Based XSS. This issue affects PostX: from n/a through 4.1.25. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31094	WordPress WP Posts Carousel <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.8. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31093	WordPress RPS Include Content <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redpixelstudios RPS Include Content allows DOM-Based XSS. This issue affects RPS Include Content: from n/a through 1.2.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31090	WordPress Dropdown Multisite selector < 0.9.4 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alordiel Dropdown Multisite selector allows Stored XSS. This issue affects Dropdown Multisite selector: from n/a through n/a. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31088	WordPress Paid Member Subscriptions <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs Paid Member Subscriptions allows Stored XSS. This issue affects Paid Member Subscriptions: from n/a through 2.14.3. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31083	WordPress Leaky Paywall <= 4.21.7 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZEEN101 Leaky Paywall allows Stored XSS. This issue affects Leaky Paywall: from n/a through 4.21.7. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31079	WordPress Usermaven plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven allows Cross Site Request Forgery. This issue affects Usermaven: from n/a through 1.2.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 28th, 2025 (3 months ago)
CVE-2025-31077	WordPress Ultimate Blocks plugin <= 3.2.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks allows DOM-Based XSS. This issue affects Ultimate Blocks: from n/a through 3.2.7. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 28th, 2025 (3 months ago)