CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-8855	WordPress Auction <= 3.7 - Editor+ SQL Injection Description: The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing editors and above to perform SQL injection attacks EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56300	WordPress Post/Page Copying Tool plugin <= 2.0.0 - Sensitive Data Exposure vulnerability Description: Insertion of Sensitive Information Into Sent Data vulnerability in WPSpins Post/Page Copying Tool allows Retrieve Embedded Sensitive Data.This issue affects Post/Page Copying Tool: from n/a through 2.0.0. CVSS: HIGH (7.5) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56299	WordPress Notify Odoo plugin <= 1.0.0 - CSRF to Stored XSS vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pektsekye Notify Odoo allows Stored XSS.This issue affects Notify Odoo: from n/a through 1.0.0. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56298	WordPress Pretty Simple Popup Builder Plugin <= 1.0.9 - Stored Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 5 Star Plugins Pretty Simple Popup Builder allows Stored XSS.This issue affects Pretty Simple Popup Builder: from n/a through 1.0.9. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56297	WordPress Highlight plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dn88 Highlight allows Stored XSS.This issue affects Highlight: from n/a through 2.0.2. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56296	WordPress Mang Board WP plugin <= 1.8.4 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Reflected XSS.This issue affects Mang Board WP: from n/a through 1.8.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56294	WordPress Nexter Blocks plugin <= 4.0.7 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through 4.0.7. CVSS: MEDIUM (6.4) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56293	WordPress AFI – The Easiest Integration Plugin <= 1.95.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nasirahmed Advanced Form Integration allows Stored XSS.This issue affects Advanced Form Integration: from n/a through 1.95.0. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56292	WordPress Email Reminders Plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop, oplugins Email Reminders allows Stored XSS.This issue affects Email Reminders: from n/a through 2.0.5. CVSS: MEDIUM (5.9) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)
CVE-2024-56291	WordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerability Description: Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object Injection.This issue affects PlainInventory: from n/a through 3.1.6. CVSS: HIGH (8.1) EPSS Score: 0.04% Source: CVE January 8th, 2025 (6 months ago)