CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-56247	WordPress WP Post Author plugin <= 3.8.2 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author allows SQL Injection.This issue affects WP Post Author: from n/a through 3.8.2. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56246	WordPress Nexter Blocks plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through 4.0.4. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56245	WordPress Premium Blocks plugin <= 2.1.42 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress allows Stored XSS.This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from n/a through 2.1.42. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56244	WordPress Ashe Extra plugin <= 1.2.92 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.92. CVSS: MEDIUM (5.4) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56243	WordPress WPSSO Core plugin <= 18.18.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in JS Morisset WPSSO Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through 18.18.1. CVSS: MEDIUM (4.3) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56242	WordPress Arconix Shortcodes plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tyche Softwares Arconix Shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through 2.1.14. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56241	WordPress WPKoi Templates for Elementor plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through 3.1.3. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56240	WordPress Pronamic Google Maps plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pronamic Pronamic Google Maps allows Stored XSS.This issue affects Pronamic Google Maps: from n/a through 2.3.2. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56239	WordPress Themify Audio Dock plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Themify Audio Dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through 2.0.4. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)
CVE-2024-56238	WordPress Floating Action Buttons plugin <= 0.9.1 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in QunatumCloud Floating Action Buttons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Floating Action Buttons: from n/a through 0.9.1. CVSS: MEDIUM (5.3) EPSS Score: 0.04% Source: CVE January 3rd, 2025 (6 months ago)