CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23533	WordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23532	WordPress MyAnime Widget plugin <= 1.0 - CSRF to Privilege Escalation vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23530	WordPress Custom Post Type Lockdown plugin <= 1.11 - CSRF to Privilege Escalation vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through 1.11. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23528	WordPress DD Roles plugin <= 4.1 - Privilege Escalation vulnerability Description: Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23514	WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Sanjaysolutions Loginplus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Loginplus: from n/a through 1.2. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23513	WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Joshua Wieczorek Bible Embed allows Stored XSS.This issue affects Bible Embed: from n/a through 0.0.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23511	WordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Viktoria Rei Bauer WP-BlackCheck allows Stored XSS.This issue affects WP-BlackCheck: from n/a through 2.7.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23510	WordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Zaantar WordPress Logging Service allows Stored XSS.This issue affects WordPress Logging Service: from n/a through 1.5.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23508	WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in EdesaC Extra Options – Favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through 1.1.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)
CVE-2025-23501	WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA allows Stored XSS.This issue affects Cookie Consent & Autoblock for GDPR/CCPA: from n/a through 1.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 17th, 2025 (6 months ago)