CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	WordPress Plugin "Simple Image Sizes" vulnerable to cross-site scripting Description: WordPress Plugin "Simple Image Sizes" provided by Rahe contains a cross-site scripting vulnerability. Source: Japan Vulnerability Notes (JVN) January 28th, 2025 (5 months ago)
CVE-2025-24782	WordPress Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin <= 1.6.10 - Local File Inclusion vulner... Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows PHP Local File Inclusion. This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.10. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24754	WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Houzez.co Houzez. This issue affects Houzez: from n/a through 3.4.0. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24747	WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Houzez.co Houzez. This issue affects Houzez: from n/a through 3.4.0. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24744	WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in NotFound Bridge Core. This issue affects Bridge Core: from n/a through 3.3. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24743	WordPress RomethemeKit For Elementor plugin <= 1.5.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor. This issue affects RomethemeKit For Elementor: from n/a through 1.5.2. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24742	WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps. This issue affects WP Go Maps: from n/a through 9.0.40. CVSS: MEDIUM (4.3) EPSS Score: 0.06% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24741	WordPress KB Support plugin <= 1.6.7 - Open Redirection vulnerability Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KB Support KB Support. This issue affects KB Support: from n/a through 1.6.7. CVSS: MEDIUM (4.7) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24740	WordPress Learnpress plugin <= 4.2.7.1 - Open Redirection vulnerability Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through 4.2.7.1. CVSS: MEDIUM (4.7) EPSS Score: 0.06% Source: CVE January 28th, 2025 (5 months ago)
CVE-2025-24734	WordPress Better Find and Replace plugin <= 1.6.7 - Privilege Escalation vulnerability Description: Missing Authorization vulnerability in CodeSolz Better Find and Replace allows Privilege Escalation. This issue affects Better Find and Replace: from n/a through 1.6.7. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)