CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23825	WordPress Easy Shortcode Buttons plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Thorpe Easy Shortcode Buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through 1.2. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23824	WordPress FontAwesome.io ShortCodes plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexander Weleczka FontAwesome.io ShortCodes allows Stored XSS.This issue affects FontAwesome.io ShortCodes: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23823	WordPress CNZZ&51LA for WordPress plugin <= 1.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jprintf CNZZ&51LA for WordPress allows Cross Site Request Forgery.This issue affects CNZZ&51LA for WordPress: from n/a through 1.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23822	WordPress Category Custom Fields plugin <= 1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Cornea Alexandru Category Custom Fields allows Cross Site Request Forgery.This issue affects Category Custom Fields: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23821	WordPress WP Cookies Alert plugin <= 1.1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Aleapp WP Cookies Alert allows Cross Site Request Forgery.This issue affects WP Cookies Alert: from n/a through 1.1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23820	WordPress Content Security Policy Pro plugin <= 1.3.5 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Laxman Thapa Content Security Policy Pro allows Cross Site Request Forgery.This issue affects Content Security Policy Pro: from n/a through 1.3.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23818	WordPress More Link Modifier plugin <= 1.0.3 - CSRF to Cross-Site Scripting vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Peggy Kuo More Link Modifier allows Stored XSS.This issue affects More Link Modifier: from n/a through 1.0.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23817	WordPress MHR-Custom-Anti-Copy plugin <= 2.0 - CSRF to Stored Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mahadir Ahmad MHR-Custom-Anti-Copy allows Stored XSS.This issue affects MHR-Custom-Anti-Copy: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23816	WordPress Metaphor Widgets plugin <= 2.4 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaphorcreations Metaphor Widgets allows Stored XSS. This issue affects Metaphor Widgets: from n/a through 2.4. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23815	WordPress root Cookie plugin <= 1.6 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in linickx root Cookie allows Cross Site Request Forgery. This issue affects root Cookie: from n/a through 1.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)