Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2025-31859

    Cross-Site Request Forgery (CSRF) vulnerability in Feedbucket Feedbucket – Website Feedback Tool allows Cross Site Request Forgery. This issue affects Feedbucket – Website Feedback Tool: from n/a through 1.0.6.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 14, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 5.4

    MEDIUM
    CVE-2025-31870

    Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP AutoKeyword: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2019-19514

    Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID.... Read more

    Affected Products : ays-wr01_firmware ays-wr01
    • Published: May. 05, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2025-3073

    Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 02, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Misconfiguration

  • 5.4

    MEDIUM
    CVE-2019-19500

    Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS via unfiltered description parameters, as demonstrated by the comment field of a special order for individual software.... Read more

    Affected Products : workspace_management
    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2025-3130

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Obfuscate allows Stored XSS.This issue affects Obfuscate: from 0.0.0 before 2.0.1.... Read more

    Affected Products : drupal obfuscate
    • Published: Apr. 02, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2019-19496

    Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document.... Read more

    Affected Products : alfresco
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2025-32178

    Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.18.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-32217

    Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ai Image Alt Text Generator for WP: from n/a through 1.0.8.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-32219

    Missing Authorization vulnerability in Syntactics, Inc. eaSYNC allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects eaSYNC: from n/a through 1.3.19.... Read more

    Affected Products : easync
    • Published: Apr. 04, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-32224

    Missing Authorization vulnerability in shivammani Privyr CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Privyr CRM: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-32246

    Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 1-Click Backup & Restore Database: from n/a through 1.0.3.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-32250

    Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar allows Cross Site Request Forgery. This issue affects Rollbar: from n/a through 2.7.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 5.4

    MEDIUM
    CVE-2019-19453

    Wowza Streaming Engine before 4.8.5 allows XSS (issue 1 of 2). An authenticated user, with access to the proxy license editing is able to insert a malicious payload that will be triggered in the main page of server settings. This issue was resolved in Wow... Read more

    Affected Products : streaming_engine
    • Published: Aug. 03, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-45045

    Missing Authorization vulnerability in Kishor Khambu WP Custom Widget area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget area: from n/a through 1.2.5.... Read more

    Affected Products : wp_custom_widget_area
    • Published: Jan. 02, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2023-45631

    Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.... Read more

    Affected Products : gallery
    • Published: Jan. 02, 2025
    • Modified: Mar. 21, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2023-46607

    Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from n/a through 1.0.3.... Read more

    Affected Products : wp_ical_availability
    • Published: Jan. 02, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2023-46633

    Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2.... Read more

    Affected Products : wp_glossary
    • Published: Jan. 02, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2023-47187

    Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through 5.4.... Read more

    Affected Products :
    • Published: Jan. 02, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2023-47661

    Missing Authorization vulnerability in Dragfy Dragfy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dragfy Addons for Elementor: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Jan. 02, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Authorization
Showing 20 of 294863 Results