Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-1317 — WP Import – Ultimate CSV XML Importer for WordPress <= 7.37 - Authenticated (Subscriber+)…

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 7.37. This is due to insufficient escaping on the `fi…

Remote | Injection
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
4.9 MEDIUM
CVE-2025-8781 — Bookster – WordPress Appointment Booking Plugin <= 2.1.1 - Authenticated (Administrator+)…

The Bookster – WordPress Appointment Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘raw’ parameter in all versions up to, and including, 2.1.1 due to insufficient escapin…

bookster | Remote | Injection
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
5.3 MEDIUM
CVE-2025-7630 — OTP Password Brute Forcing in DorukNet's Wispotter

Improper Restriction of Excessive Authentication Attempts, Improper Authentication vulnerability in Doruk Communication and Automation Industry and Trade Inc. Wispotter allows Password Brute Forcing,…

Remote | Authentication
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
Showing 20 of 5743 Results