Latest CVE Vulnerabilities

8.3 HIGH

CVE-2025-13779 — ABB AWIN GW100/GW120 Authentication Bypass

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

| Authentication

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

8.3 HIGH

CVE-2025-13777 — ABB AWIN GW100/GW120 Authentication Bypass Capture-Replay Vulnerability

Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

| Authentication

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-2673 — OpenSSL TLS 1.3 Key Exchange Group Selection Vulnerability

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword.…

| Misconfiguration

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

6.5 MEDIUM

CVE-2025-13778 — ABB AWIN GW100 GW120 Authentication Bypass

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

| Authentication

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

7.5 HIGH

CVE-2026-4111 — Libarchive RAR5 Archive Decompression Infinite Loop Denial of Service Vulnerability

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processe…

Remote | Denial of Service

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32543 — CyberChimps Responsive Blocks Missing Authorization Vulnerability

Missing Authorization vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsi…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32487 — Raratheme Lawyer Landing Page Missing Authorization Vulnerability

Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Landing Page…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32486 — Wptravelengine Travel Booking Missing Authorization Vulnerability

Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32461 — Really Simple SSL Missing Authorization Vulnerability

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simp…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32462 — Liton Arefin Master Addons for Elementor Cross-site Scripting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-addons allows DOM-Based XSS.This issue affects Ma…

| Cross-Site Scripting

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32460 — Themefic Ultimate Addons for Contact Form 7 Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting …

| Cross-Site Scripting

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32459 — Flycart UpsellWP SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects Up…

| Injection

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32458 — RealMag777 WOLF SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 WOLF bulk-editor allows Blind SQL Injection.This issue affects WOLF: from n/a through …

| Injection

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32456 — Admin Menu Editor CSRF Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through <= 1.14.1.

| Cross-Site Request Forgery

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32457 — Wombat Plugins WooCommerce Advanced Product Fields Missing Authorization Vulnerability

Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons) for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access …

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32455 — RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter Cross-site Scripting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects M…

| Cross-Site Scripting

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32454 — Avada ThemeFusion Cross-site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a t…

| Cross-Site Scripting

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32453 — Avada Core Missing Authorization Vulnerability

Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core: from n/a through < 5.1…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32452 — ThemeFusion Fusion Builder Missing Authorization Vulnerability

Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a th…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

0.0 NA

CVE-2026-32451 — ThemeFusion Fusion Builder Missing Authorization Vulnerability

Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a th…

| Authorization

Mar 13, 2026 Mar 13, 2026

Mar 13, 2026

Latest CVE Feed

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Browse by Apps

Latest CVE Feed

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Cookie Preferences