CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-24573	WordPress Pagelayer plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagelayer Team PageLayer allows DOM-Based XSS. This issue affects PageLayer: from n/a through 1.9.4. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24572	WordPress WP Fast Total Search plugin <= 1.78.258 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.78.258. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24571	WordPress WP Fast Total Search plugin <= 1.78.258 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Epsiloncool WP Fast Total Search allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Fast Total Search: from n/a through 1.78.258. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24570	WordPress Atarim plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atarim Atarim allows Stored XSS. This issue affects Atarim: from n/a through 4.0.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24568	WordPress Starter Templates plugin <= 4.4.9 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows Cross Site Request Forgery. This issue affects Starter Templates: from n/a through 4.4.9. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24562	WordPress KBucket plugin <= 4.1.6 - CSRF to Stored Cross-Site Scripting vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS. This issue affects KBucket: from n/a through 4.1.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24561	WordPress ReviewsTap plugin <= 1.1.2 - CSRF to Stored Cross-Site Scripting vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsTap allows Stored XSS. This issue affects ReviewsTap: from n/a through 1.1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24555	WordPress Subscription DNA plugin <= 2.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows Stored XSS. This issue affects Subscription DNA: from n/a through 2.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24552	WordPress Paytium plugin <= 4.4.11 - Full Path Disclosure (FPD) vulnerability Description: Generation of Error Message Containing Sensitive Information vulnerability in David de Boer Paytium allows Retrieve Embedded Sensitive Data. This issue affects Paytium: from n/a through 4.4.11. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)
CVE-2025-24547	WordPress Caching Compatible Cookie Opt-In plugin <= 0.0.10 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthias Wagner - FALKEmedia Caching Compatible Cookie Opt-In and JavaScript allows Stored XSS. This issue affects Caching Compatible Cookie Opt-In and JavaScript: from n/a through 0.0.10. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 25th, 2025 (5 months ago)