CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-24744	WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in NotFound Bridge Core. This issue affects Bridge Core: from n/a through 3.3. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24743	WordPress RomethemeKit For Elementor plugin <= 1.5.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor. This issue affects RomethemeKit For Elementor: from n/a through 1.5.2. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24742	WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps. This issue affects WP Go Maps: from n/a through 9.0.40. CVSS: MEDIUM (4.3) EPSS Score: 0.06% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24741	WordPress KB Support plugin <= 1.6.7 - Open Redirection vulnerability Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KB Support KB Support. This issue affects KB Support: from n/a through 1.6.7. CVSS: MEDIUM (4.7) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24740	WordPress Learnpress plugin <= 4.2.7.1 - Open Redirection vulnerability Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through 4.2.7.1. CVSS: MEDIUM (4.7) EPSS Score: 0.06% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24734	WordPress Better Find and Replace plugin <= 1.6.7 - Privilege Escalation vulnerability Description: Missing Authorization vulnerability in CodeSolz Better Find and Replace allows Privilege Escalation. This issue affects Better Find and Replace: from n/a through 1.6.7. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24708	WordPress WP Dynamics CRM plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Reflected XSS. This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24689	WordPress Import and export users and customers plugin 1.27.12 - Sensitive Data Exposure vulnerability Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in codection Import and export users and customers allows Retrieve Embedded Sensitive Data. This issue affects Import and export users and customers: from n/a through 1.27.12. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24685	WordPress Morkva UA Shipping plugin <= 1.0.18 - Local File Inclusion vulnerability Description: Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This issue affects Morkva UA Shipping: from n/a through 1.0.18. CVSS: HIGH (8.1) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24680	WordPress WP Multi Store Locator Plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WpMultiStoreLocator WP Multi Store Locator allows Reflected XSS. This issue affects WP Multi Store Locator: from n/a through 2.4.7. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)