CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22738	WordPress WP ULike plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TechnoWich WP ULike allows Stored XSS.This issue affects WP ULike: from n/a through 4.7.6. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22737	WordPress WpTravelly Plugin <= 1.8.5 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.8.5. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22736	WordPress User Management plugin <= 1.2 - Privilege Escalation vulnerability Description: Incorrect Privilege Assignment vulnerability in WPExperts User Management allows Privilege Escalation.This issue affects User Management: from n/a through 1.2. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22734	WordPress Posts Footer Manager Plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Posts Footer Manager allows Stored XSS.This issue affects Posts Footer Manager: from n/a through 2.1.0. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22731	WordPress Build Private Store For Woocommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Build Private Store For Woocommerce allows Cross Site Request Forgery.This issue affects Build Private Store For Woocommerce: from n/a through 1.0. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22729	WordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VOD Infomaniak: from n/a through 1.5.9. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22724	WordPress Product Carousel For WooCommerce – WoorouSell plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MojofyWP Product Carousel For WooCommerce – WoorouSell allows Stored XSS.This issue affects Product Carousel For WooCommerce – WoorouSell: from n/a through 1.1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22587	WordPress SEO Bulk Editor plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NCiphers SEO Bulk Editor allows Stored XSS.This issue affects SEO Bulk Editor: from n/a through 1.1.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22346	WordPress Course Migration for LearnDash plugin 1.0.2 - Server Side Request Forgery (SSRF) vulnerability Description: Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash allows Server Side Request Forgery.This issue affects Course Migration for LearnDash: from 1.0.2 through n/a. CVSS: MEDIUM (6.4) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)
CVE-2025-22329	WordPress Free Google Maps plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AGILELOGIX Free Google Maps allows Stored XSS.This issue affects Free Google Maps: from n/a through 1.0.1. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 16th, 2025 (6 months ago)