CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23559	WordPress MemeOne plugin <= 2.0.5 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23558	WordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23557	WordPress Find Your Reps plugin <= 1.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23547	WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through 2.14. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23537	WordPress add custom google tag manager plugin <= 1.0.3 - CSRF to Stored Cross-Site Scripting vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23533	WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23532	WordPress MyAnime Widget plugin <= 1.0 - CSRF to Privilege Escalation vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23530	WordPress Custom Post Type Lockdown plugin <= 1.11 - CSRF to Privilege Escalation vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23528	WordPress DD Roles plugin <= 4.1 - Privilege Escalation vulnerability Description: Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23514	WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Sanjaysolutions Loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through 1.2. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)