CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26572	WordPress WP PHPList Plugin <= 1.7 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jesseheap WP PHPList allows Cross Site Request Forgery. This issue affects WP PHPList: from n/a through 1.7. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26571	WordPress Wibiya Toolbar plugin <= 2.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in wibiya Wibiya Toolbar allows Cross Site Request Forgery. This issue affects Wibiya Toolbar: from n/a through 2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26570	WordPress Glance That plugin <= 4.9 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That allows Cross Site Request Forgery. This issue affects Glance That: from n/a through 4.9. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26569	WordPress Post Thumbs Plugin <= 1.5 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in callmeforsox Post Thumbs allows Stored XSS. This issue affects Post Thumbs: from n/a through 1.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26568	WordPress Easy Amazon Product Information plugin <= 4.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in jensmueller Easy Amazon Product Information allows Stored XSS. This issue affects Easy Amazon Product Information: from n/a through 4.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26567	WordPress Font Awesome WP plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in farjana55 Font Awesome WP allows DOM-Based XSS. This issue affects Font Awesome WP: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26562	WordPress RSS FIlter Plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Patnaik RSS Filter allows Stored XSS. This issue affects RSS Filter: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26561	WordPress Elfsight Yottie Lite Plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elfsight Elfsight Yottie Lite allows Stored XSS. This issue affects Elfsight Yottie Lite: from n/a through 1.3.3. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26558	WordPress Aparat Responsive plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mkkmail Aparat Responsive allows DOM-Based XSS. This issue affects Aparat Responsive: from n/a through 1.3. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)
CVE-2025-26552	WordPress Naver Syndication V2 plugin <= 0.8.3 - CSRF to Stored Cross-Site Scripting vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in badrHan Naver Syndication V2 allows Stored XSS. This issue affects Naver Syndication V2: from n/a through 0.8.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE February 14th, 2025 (4 months ago)