CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-27359	WordPress WP Media File Type Manager plugin <= 2.3.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Media File Type Manager allows Cross Site Request Forgery. This issue affects WP Media File Type Manager: from n/a through 2.3.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-27334	WordPress Simple Google Static Map <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ángel C. Simple Google Static Map allows DOM-Based XSS. This issue affects Simple Google Static Map: from n/a through 1.0.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-26593	WordPress FastBook <= 1.1 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in FasterThemes FastBook allows Cross Site Request Forgery. This issue affects FastBook: from n/a through 1.1. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-26590	WordPress Complete Google Seo Scan <= 3.5.1 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nir Complete Google Seo Scan allows SQL Injection. This issue affects Complete Google Seo Scan: from n/a through 3.5.1. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-24778	WordPress No Spam At All <= 1.3 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in De paragon No Spam At All allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects No Spam At All: from n/a through 1.3. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-24776	WordPress Responsive Flipbooks <= 1.0 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in codelobster Responsive Flipbooks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Responsive Flipbooks: from n/a through 1.0. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-24772	WordPress Pay with Contact Form 7 <= 1.0.4 - Cross Site Request Forgery (CSRF) Vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in cmsMinds Pay with Contact Form 7 allows Cross Site Request Forgery. This issue affects Pay with Contact Form 7: from n/a through 1.0.4. CVSS: MEDIUM (5.4) EPSS Score: 0.02% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-24763	WordPress bbPress API <= 1.0.14 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in Pascal Casier bbPress API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects bbPress API: from n/a through 1.0.14. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-24762	WordPress TicketBAI Facturas para WooCommerce <= 3.19 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (24 days ago)
CVE-2025-23971	WordPress KI Live Video Conferences <= 5.5.15 - Broken Access Control Vulnerability Description: Missing Authorization vulnerability in whassan KI Live Video Conferences allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects KI Live Video Conferences: from n/a through 5.5.15. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (24 days ago)