Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through <= 1.2.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itex iMoney imoney allows Reflected XSS.This issue affects iMoney: from n/a through <= 0.36.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes Diamond diamond allows Reflected XSS.This issue affects Diamond: from n/a through <= 2.…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Business Template Blocks for WPBakery (Visual Composer) Page Builder templates-and-addon…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hugh Mungus Visitor Maps Extended Referer Field visitor-maps-extended-referer-field allows Reflec…
Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cliengo – Chatbot: from n/a through…
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in whatwouldjessedo Simple Retail Menus simple-retail-menus allows PHP Local File…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realvirtualmx RVCFDI para Woocommerce rvcfdi-para-woocommerce allows Reflected XSS.This issue aff…
Missing Authorization vulnerability in AgniHD Cartify - WooCommerce Gutenberg WordPress Theme cartify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cartif…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Timeline Event History timeline-event-history allows Reflected XSS.This issue affects …
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.…
Deserialization of Untrusted Data vulnerability in themesflat Themesflat Elementor themesflat-elementor allows Object Injection.This issue affects Themesflat Elementor: from n/a through <= 1.0.1.
Missing Authorization vulnerability in vanquish WooCommerce Bulk Product Editor woocommerce-quick-product-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff…
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload…
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload…
Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a throug…
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal.This issue affects User Extra Fie…
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal.This issue affects User Extra Fie…
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.This …
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons ele-blog allows PHP Loca…