CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23775	WordPress GMAPS for WPBakery Page Builder Free Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WWP GMAPS for WPBakery Page Builder Free allows Stored XSS.This issue affects GMAPS for WPBakery Page Builder Free: from n/a through 1.2. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23772	WordPress imaGenius Plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eugenio Petullà imaGenius allows Stored XSS.This issue affects imaGenius: from n/a through 1.7. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23767	WordPress Marmoset Viewer plugin <= 1.9.3 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a through 1.9.3. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23765	WordPress W3SPEEDSTER plugin <= 7.33 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER allows Cross Site Request Forgery.This issue affects W3SPEEDSTER: from n/a through 7.33. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23764	WordPress Copy Move Posts plugin <= 1.6 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Ujjaval Jani Copy Move Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Copy Move Posts: from n/a through 1.6. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23761	WordPress Woo Tuner plugin <= 0.1.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Alex Volkov Woo Tuner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Tuner: from n/a through 0.1.2. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23760	WordPress Chatter plugin <= 1.0.1 - CSRF to Stored XSS vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23749	WordPress mybb Last Topics plugin <= 1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23745	WordPress Call me Now plugin <= 1.0.5 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23743	WordPress Social Analytics plugin <= 0.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Martijn Scheybeler Social Analytics allows Stored XSS.This issue affects Social Analytics: from n/a through 0.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)