CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-49076	WordPress The Plus Addons for Elementor Page Builder Lite plugin <= 6.2.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Innovations The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6.2.7. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-49075	WordPress Wishlist plugin <= 1.0.43 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist allows Stored XSS.This issue affects Wishlist: from n/a through 1.0.43. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-49074	WordPress WidgetKit plugin <= 2.5.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemesGrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.5.4. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-49068	WordPress Ocean Extra plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OceanWP Ocean Extra allows Stored XSS.This issue affects Ocean Extra: from n/a through 2.4.8. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-49067	WordPress Nasa Core plugin < 6.4.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core allows Stored XSS.This issue affects Nasa Core: from n/a before 6.4.1. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-48337	WordPress QuickCab plugin <= 1.3.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in QuickcabWP QuickCab.This issue affects QuickCab: from n/a through 1.3.3. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-48335	WordPress Responsive Plus plugin <= 3.2.0 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in CyberChimps Responsive Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through 3.2.0. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-48329	WordPress Real Time Validation for Gravity Forms plugin <= 1.7.0 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daman Jeet Real Time Validation for Gravity Forms allows Reflected XSS.This issue affects Real Time Validation for Gravity Forms: from n/a through 1.7.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-48328	WordPress Real Time Validation for Gravity Forms plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Daman Jeet Real Time Validation for Gravity Forms allows Cross Site Request Forgery.This issue affects Real Time Validation for Gravity Forms: from n/a through 1.7.0. CVSS: MEDIUM (4.3) EPSS Score: 0.02% Source: CVE June 6th, 2025 (20 days ago)
CVE-2025-47586	WordPress Motors - Events plugin <= 1.4.7 - Unauthenticated Local File Inclusion vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Motors - Events allows PHP Local File Inclusion.This issue affects Motors - Events: from n/a through 1.4.7. CVSS: CRITICAL (9.0) EPSS Score: 0.15% Source: CVE June 6th, 2025 (20 days ago)