CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23720	WordPress Web Push plugin <= 1.4.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Web Push allows Stored XSS.This issue affects Web Push: from n/a through 1.4.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23717	WordPress Theme My Ontraport Smartform plugin <= 1.2.11 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in ITMOOTI Theme My Ontraport Smartform allows Stored XSS.This issue affects Theme My Ontraport Smartform: from n/a through 1.2.11. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23715	WordPress Post & Page Notes plugin <= 0.1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in RaymondDesign Post & Page Notes allows Stored XSS.This issue affects Post & Page Notes: from n/a through 0.1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23713	WordPress Hack me if you can plugin <= 1.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Hack me if you can allows Stored XSS.This issue affects Hack me if you can: from n/a through 1.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23712	WordPress Kapost plugin <= 2.2.9 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Kapost Kapost allows Stored XSS.This issue affects Kapost: from n/a through 2.2.9. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23710	WordPress Flying Twitter Birds plugin <= 1.8 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mayur Sojitra Flying Twitter Birds allows Stored XSS.This issue affects Flying Twitter Birds: from n/a through 1.8. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23708	WordPress DF Draggable plugin <= 1.13.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Dominic Fallows DF Draggable allows Stored XSS.This issue affects DF Draggable: from n/a through 1.13.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23703	WordPress Free MailClient FMC plugin <= 1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in CS : ABS-Hosting.nl / Walchum.net Free MailClient FMC allows Stored XSS.This issue affects Free MailClient FMC: from n/a through 1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23702	WordPress Anonymize Links plugin <= 1.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Schalk Burger Anonymize Links allows Stored XSS.This issue affects Anonymize Links: from n/a through 1.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)
CVE-2025-23699	WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TechMix Event Countdown Timer Plugin by TechMix allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through 1.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (5 months ago)