CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30620	WordPress WP Odoo Form Integrator plugin <=1.1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in coderscom WP Odoo Form Integrator allows Stored XSS. This issue affects WP Odoo Form Integrator: from n/a through 1.1.0. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30619	WordPress SpeakPipe - <= <= 0.2 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in SpeakPipe SpeakPipe allows Cross Site Request Forgery. This issue affects SpeakPipe: from n/a through 0.2. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30617	WordPress Rewrite - <= <= 0.2.1 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite allows Cross Site Request Forgery. This issue affects Rewrite: from n/a through 0.2.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30615	WordPress WP e-Commerce Style Email plugin <= 0.6.2 - CSRF to Remote Code Execution vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Jacob Schwartz WP e-Commerce Style Email allows Code Injection. This issue affects WP e-Commerce Style Email: from n/a through 0.6.2. CVSS: CRITICAL (9.6) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30612	WordPress Replace Default Words plugin <= 1.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in mandegarweb Replace Default Words allows Stored XSS. This issue affects Replace Default Words: from n/a through 1.3. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30610	WordPress WP Social Widget - <= <= 2.2.6 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.2.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30609	WordPress AppExperts – WordPress to Mobile App – WooCommerce to iOs and Android Apps - <= <= 1.4.3 Sensitive Data Exposure Vulnerability Description: Insertion of Sensitive Information Into Sent Data vulnerability in AppExperts AppExperts – WordPress to Mobile App – WooCommerce to iOs and Android Apps allows Retrieve Embedded Sensitive Data. This issue affects AppExperts – WordPress to Mobile App – WooCommerce to iOs and Android Apps: from n/a through 1.4.3. CVSS: MEDIUM (5.3) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30608	WordPress WordPress SQL Backup - <= <= 3.5.2 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Anthony WordPress SQL Backup allows Stored XSS. This issue affects WordPress SQL Backup: from n/a through 3.5.2. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30606	WordPress Easy Page Transition plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Logan Carlile Easy Page Transition allows Stored XSS. This issue affects Easy Page Transition: from n/a through 1.0.1. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30605	WordPress sourceplay-navermap plugin <= 0.0.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in ldwin79 sourceplay-navermap allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects sourceplay-navermap: from n/a through 0.0.2. CVSS: MEDIUM (4.3) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)