CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-56258	WordPress Magazine Blocks plugin <= 1.3.20 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBlockArt Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through 1.3.20. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56257	WordPress Coins MarketCap plugin <= 5.5.8 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoolPlugins Coins MarketCap allows DOM-Based XSS.This issue affects Coins MarketCap: from n/a through 5.5.8. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56255	WordPress AyeCode Connect plugin <= 1.3.8 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in AyeCode AyeCode Connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through 1.3.8. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56254	WordPress Move Addons for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.6. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56253	WordPress Data Tables Generator by Supsystic plugin <= 1.10.36 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in supsystic.com Data Tables Generator by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Data Tables Generator by Supsystic: from n/a through 1.10.36. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56252	WordPress Enter Addons plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.9. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56251	WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability Description: Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf allows Cross Site Request Forgery.This issue affects Event Espresso 4 Decaf: from n/a through 5.0.28.decaf. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56250	WordPress Just Writing Statistics plugin <= 4.7 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GregRoss Just Writing Statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through 4.7. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56249	WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Upload vulnerability Description: Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through 1.13.1. CVSS: CRITICAL (9.1) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56248	WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Download vulnerability Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Webdeclic WPMasterToolKit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through 1.13.1. CVSS: MEDIUM (4.9) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)