CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22560	WordPress Saoshyant Page Builder plugin <= 3.8 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in Saoshyant.1994 Saoshyant Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Saoshyant Page Builder: from n/a through 3.8. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22559	WordPress TubePress.NET Plugin <= 4.0.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Mario Mansour and Geoff Peters TubePress.NET allows Cross Site Request Forgery.This issue affects TubePress.NET: from n/a through 4.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22558	WordPress mcjh button shortcode plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcus C. J. Hartmann mcjh button shortcode allows Stored XSS.This issue affects mcjh button shortcode: from n/a through 1.6.4. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22557	WordPress News Publisher Autopilot plugin <= 2.1.4 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross Site Request Forgery.This issue affects News Publisher Autopilot: from n/a through 2.1.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22556	WordPress Norse Rune Oracle plugin <= 1.4.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows Cross Site Request Forgery.This issue affects Norse Rune Oracle Plugin: from n/a through 1.4.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22555	WordPress Smoothness Slider Shortcode plugin <= v1.2.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode allows Cross Site Request Forgery.This issue affects Smoothness Slider Shortcode: from n/a through v1.2.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22554	WordPress Video Embed Optimizer plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric Franklin Video Embed Optimizer allows Stored XSS.This issue affects Video Embed Optimizer: from n/a through 1.0.0. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22552	WordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate Disclosure Statement allows Cross Site Request Forgery.This issue affects Affiliate Disclosure Statement: from n/a through 0.3. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22551	WordPress Boot-Modal plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Julien Crego Boot-Modal allows Stored XSS.This issue affects Boot-Modal: from n/a through 1.9.1. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22550	WordPress AddFunc Mobile Detect plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddFunc AddFunc Mobile Detect allows Stored XSS.This issue affects AddFunc Mobile Detect: from n/a through 3.1. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)