CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22336	WordPress Wizhi Multi Filters by Wenprise plugin <= 1.8.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in WordPress 智库 Wizhi Multi Filters by Wenprise allows Stored XSS.This issue affects Wizhi Multi Filters by Wenprise: from n/a through 1.8.6. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22335	WordPress Opencart Product in WP plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Md. Rajib Dewan Opencart Product in WP allows Reflected XSS.This issue affects Opencart Product in WP: from n/a through 1.0.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22334	WordPress Education LMS theme <= 0.0.7 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FilaThemes Education LMS allows Stored XSS.This issue affects Education LMS: from n/a through 0.0.7. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22333	WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.31. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22328	WordPress Elevio plugin <= 4.4.1 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Elevio Elevio allows Stored XSS.This issue affects Elevio: from n/a through 4.4.1. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22327	WordPress EO4WP plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer EO4WP allows Stored XSS.This issue affects EO4WP: from n/a through 1.0.7. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22326	WordPress 5centsCDN – WordPress CDN Plugin plugin <= 24.8.16 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 5centsCDN 5centsCDN allows Reflected XSS.This issue affects 5centsCDN: from n/a through 24.8.16. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22325	WordPress Autocompleter plugin <= 1.3.5.2 - CSRF to Stored XSS vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Nik Chankov Autocompleter allows Stored XSS.This issue affects Autocompleter: from n/a through 1.3.5.2. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22324	WordPress OZ Canonical plugin <= 0.5 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andon Ivanov OZ Canonical allows Reflected XSS.This issue affects OZ Canonical: from n/a through 0.5. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2025-22323	WordPress Image Hover Effects for Elementor plugin <= 1.0.2.3 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Image Hover Effects for Elementor allows Stored XSS.This issue affects Image Hover Effects for Elementor: from n/a through 1.0.2.3. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)