CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22343	WordPress wpSOL plugin <= 1.2.0 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Dennis Koot wpSOL allows Stored XSS.This issue affects wpSOL: from n/a through 1.2.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22342	WordPress WP Simple Sitemap plugin <= 0.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Jens Törnell WP Simple Sitemap allows Stored XSS.This issue affects WP Simple Sitemap: from n/a through 0.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22339	WordPress Store Commerce theme <= 1.2.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemeArt Store Commerce allows DOM-Based XSS.This issue affects Store Commerce: from n/a through 1.2.3. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22338	WordPress WP-tagMaker plugin <= 0.2.2 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lich_wang WP-tagMaker allows Reflected XSS.This issue affects WP-tagMaker: from n/a through 0.2.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22336	WordPress Wizhi Multi Filters by Wenprise plugin <= 1.8.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in WordPress 智库 Wizhi Multi Filters by Wenprise allows Stored XSS.This issue affects Wizhi Multi Filters by Wenprise: from n/a through 1.8.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22335	WordPress Opencart Product in WP plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Md. Rajib Dewan Opencart Product in WP allows Reflected XSS.This issue affects Opencart Product in WP: from n/a through 1.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22334	WordPress Education LMS theme <= 0.0.7 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FilaThemes Education LMS allows Stored XSS.This issue affects Education LMS: from n/a through 0.0.7. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22333	WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.31. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22328	WordPress Elevio plugin <= 4.4.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Elevio Elevio allows Stored XSS.This issue affects Elevio: from n/a through 4.4.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22327	WordPress EO4WP plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer EO4WP allows Stored XSS.This issue affects EO4WP: from n/a through 1.0.7. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)