CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26947	WordPress Services Section block plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Services Section block allows Stored XSS. This issue affects Services Section block: from n/a through 1.3.4. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26946	WordPress WP Yelp Review Slider Plugin <= 8.1 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jgwhite33 WP Yelp Review Slider allows Blind SQL Injection. This issue affects WP Yelp Review Slider: from n/a through 8.1. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26945	WordPress Info Cards plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Info Cards – Gutenberg block for creating Beautiful Cards allows Stored XSS. This issue affects Info Cards – Gutenberg block for creating Beautiful Cards: from n/a through 1.0.5. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26943	WordPress Easy Quotes plugin <= 1.2.2 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jürgen Müller Easy Quotes allows Blind SQL Injection. This issue affects Easy Quotes: from n/a through 1.2.2. CVSS: CRITICAL (9.3) EPSS Score: 0.04% SSVC Exploitation: none Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26939	WordPress Counters Block plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Counters Block allows Stored XSS. This issue affects Counters Block: from n/a through 1.1.2. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26938	WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Countdown Timer allows Stored XSS. This issue affects Countdown Timer: from n/a through 1.2.6. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26937	WordPress Icon List Block plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Icon List Block allows Stored XSS. This issue affects Icon List Block: from n/a through 1.1.3. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26935	WordPress WP Job Portal plugin <= 2.2.8 - Local File Inclusion vulnerability Description: Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.2.8. CVSS: HIGH (7.5) EPSS Score: 0.06% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26932	WordPress WPBot plugin <= 6.3.5 - Local File Inclusion vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QuantumCloud ChatBot allows PHP Local File Inclusion. This issue affects ChatBot: from n/a through 6.3.5. CVSS: HIGH (7.5) EPSS Score: 0.12% Source: CVE February 25th, 2025 (4 months ago)
CVE-2025-26931	WordPress Tribulant Gallery Voting plugin <= 1.2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Tribulant Gallery Voting allows Stored XSS. This issue affects Tribulant Gallery Voting: from n/a through 1.2.1. CVSS: HIGH (7.1) EPSS Score: 0.02% Source: CVE February 25th, 2025 (4 months ago)