Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.9 MEDIUM
CVE-2025-8781 — Bookster – WordPress Appointment Booking Plugin <= 2.1.1 - Authenticated (Administrator+)…

The Bookster – WordPress Appointment Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘raw’ parameter in all versions up to, and including, 2.1.1 due to insufficient escapin…

bookster | Remote | Injection
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
5.3 MEDIUM
CVE-2025-7630 — OTP Password Brute Forcing in DorukNet's Wispotter

Improper Restriction of Excessive Authentication Attempts, Improper Authentication vulnerability in Doruk Communication and Automation Industry and Trade Inc. Wispotter allows Password Brute Forcing,…

Remote | Authentication
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
6.5 MEDIUM
CVE-2025-14799 — Brevo - Email, SMS, Web Push, Chat, and more. <= 3.3.0 - Unauthenticated Authorization By…

The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use o…

Remote | Authorization
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
Showing 20 of 5743 Results