CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-49445	WordPress Interactive UK Regional Map plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive UK Regional Map allows Cross Site Request Forgery. This issue affects Interactive UK Regional Map: from n/a through 2.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49443	WordPress Bacon Ipsum <= 2.4 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris McCoy Bacon Ipsum allows Stored XSS. This issue affects Bacon Ipsum: from n/a through 2.4. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49442	WordPress Simple Nested Menu <= 1.0 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mostafa Shahiri Simple Nested Menu allows Stored XSS. This issue affects Simple Nested Menu: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49441	WordPress Interactive Regional Map of Florida <= 1.0 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Regional Map of Florida: from n/a through 1.0. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49440	WordPress WP Security Master <= 1.0.2 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Vuong Nguyen WP Security Master allows Cross Site Request Forgery. This issue affects WP Security Master: from n/a through 1.0.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49439	WordPress Atelier Create CV plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV allows Cross Site Request Forgery. This issue affects Atelier Create CV: from n/a through 1.1.2. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49435	WordPress Wp Easy Allopass <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Hasina77 Wp Easy Allopass allows Cross Site Request Forgery. This issue affects Wp Easy Allopass: from n/a through 4.1.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49429	WordPress Video Embeds <= 0.1.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Burnette Video Embeds allows Stored XSS. This issue affects Video Embeds: from n/a through 0.1.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49427	WordPress Abbie Expander <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Burnette Abbie Expander allows Stored XSS. This issue affects Abbie Expander: from n/a through 1.0.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (23 days ago)
CVE-2025-49425	WordPress Konami Easter Egg <= v0.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Adrian Hanft Konami Easter Egg allows Stored XSS. This issue affects Konami Easter Egg: from n/a through v0.4. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE June 6th, 2025 (23 days ago)