CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23808	WordPress Custom List Table Example Plugin <=1.4.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Matt van Andel Custom List Table Example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through 1.4.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23807	WordPress Spiderpowa Embed PDF plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jimmy Hu Spiderpowa Embed PDF allows Stored XSS.This issue affects Spiderpowa Embed PDF: from n/a through 1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23805	WordPress SEOReseller Partner plugin <= 1.3.15 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in SEOReseller Team SEOReseller Partner allows Cross Site Request Forgery.This issue affects SEOReseller Partner: from n/a through 1.3.15. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23804	WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Shiv Prakash Tiwari WP Service Payment Form With Authorize.net allows Reflected XSS.This issue affects WP Service Payment Form With Authorize.net: from n/a through 2.6.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23802	WordPress WP-Revive Adserver Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steven Soehl WP-Revive Adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through 2.2.1. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23801	WordPress Style Admin Plugin <= 1.4.3 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Benjamin Guy Style Admin allows Stored XSS.This issue affects Style Admin: from n/a through 1.4.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23800	WordPress OrangeBox plugin <= 3.0.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23797	WordPress WP Options Editor plugin <= 1.1 - CSRF to Privilege Escalation vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows Privilege Escalation.This issue affects WP Options Editor: from n/a through 1.1. CVSS: CRITICAL (9.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23796	WordPress Easy Portfolio plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tushar Patel Easy Portfolio allows Stored XSS.This issue affects Easy Portfolio: from n/a through 1.3. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23795	WordPress Easy FAQs plugin <= 3.2.1 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gold Plugins Easy FAQs allows Stored XSS.This issue affects Easy FAQs: from n/a through 3.2.1. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)