Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Cool Tag Cloud cool-tag-cloud allows Stored XSS.This issue affects Cool Tag Cloud: from n/…
Authentication Bypass Using an Alternate Path or Channel vulnerability in ahachat AhaChat Messenger Marketing ahachat-messenger-marketing allows Password Recovery Exploitation.This issue affects AhaC…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in peterwsterling Simple Archive Generator simple-archive-generator allows Reflected XSS.This issue …
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz iContact for Gravity Forms gravity-forms-icontact allows Reflected XSS.This issue affec…
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File D…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in keeswolters Mopinion Feedback Form mopinion-feedback-form allows DOM-Based XSS.This issue affects…
Insertion of Sensitive Information Into Sent Data vulnerability in themeglow JobBoard Job listing job-board-light allows Retrieve Embedded Sensitive Data.This issue affects JobBoard Job listing: from…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harman79 ID Arrays id-arrays allows DOM-Based XSS.This issue affects ID Arrays: from n/a through …
Deserialization of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Object Injection.This issue affects Contact Manager: from n/a through <= 9.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webmuehle Court Reservation court-reservation allows Reflected XSS.This issue affects Court Reser…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anmari amr cron manager amr-cron-manager allows Reflected XSS.This issue affects amr cron manager…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itex iSape isape allows Reflected XSS.This issue affects iSape: from n/a through <= 0.72.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paris Holley Asynchronous Javascript asynchronous-javascript allows Reflected XSS.This issue affe…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Reflected XSS.This issue af…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DaleAB Membee Login membees-member-login-widget allows Reflected XSS.This issue affects Membee Lo…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bas Schuiling FeedWordPress Advanced Filters faf allows Reflected XSS.This issue affects FeedWord…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in totalbounty Widget Logic Visual widget-logic-visual allows Reflected XSS.This issue affects Widge…
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder toppe…
Missing Authorization vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Exploiting Incorrectly Configured Access Co…
Missing Authorization vulnerability in Saiful Islam Sync Master Sheet – Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access …