CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-30604	WordPress JiangQie Official Website Mini Program plugin <= 1.8.2 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jiangqie JiangQie Official Website Mini Program allows Blind SQL Injection. This issue affects JiangQie Official Website Mini Program: from n/a through 1.8.2. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30603	WordPress CopyLink plugin <= 1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in DEJAN CopyLink allows Stored XSS. This issue affects CopyLink: from n/a through 1.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30602	WordPress Related Posts via Categories plugin <= 2.1.2 - CSRF to Stored XSS vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alphasis Related Posts via Categories allows Stored XSS. This issue affects Related Posts via Categories: from n/a through 2.1.2. CVSS: HIGH (7.1) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30601	WordPress Flipdish Ordering System plugin <= 1.4.16 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in flipdish Flipdish Ordering System allows Cross Site Request Forgery. This issue affects Flipdish Ordering System: from n/a through 1.4.16. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30600	WordPress WP Hotjar plugin <= 0.0.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thiagogsrwp WP Hotjar allows Stored XSS. This issue affects WP Hotjar: from n/a through 0.0.3. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30599	WordPress WP Parallax Content Slider plugin <= 0.9.8 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp-maverick WP Parallax Content Slider allows Stored XSS. This issue affects WP Parallax Content Slider: from n/a through 0.9.8. CVSS: MEDIUM (5.9) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30598	WordPress OSS Upload - <= <= 4.8.9 Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Link OSS Upload allows Cross Site Request Forgery. This issue affects OSS Upload: from n/a through 4.8.9. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30597	WordPress IG Shortcodes - <= <= 3.1 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iografica IG Shortcodes allows DOM-Based XSS. This issue affects IG Shortcodes: from n/a through 3.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30595	WordPress include-file - <= <= 1 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tstafford include-file allows Stored XSS. This issue affects include-file: from n/a through 1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)
CVE-2025-30593	WordPress Include URL - <= <= 0.3.5 Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk Include URL allows Stored XSS. This issue affects Include URL: from n/a through 0.3.5. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE March 24th, 2025 (3 months ago)