Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.3 CRITICAL
CVE-2026-39438 — WordPress ListingPro plugin <= 2.9.10 - SQL Injection vulnerability

Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions.

Remote | Injection
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
6.5 MEDIUM
CVE-2026-39433 — WordPress WPAMS plugin < 49.5.3 - Arbitrary Content Deletion vulnerability

Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.

Remote | Authorization
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2026-34895 — WordPress Softlab Core plugin < 1.2.11 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2026-34894 — WordPress Integrio Core plugin < 1.2.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2026-34893 — WordPress Thegov Core plugin < 2.0.23 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
9.8 CRITICAL
CVE-2026-27429 — WordPress Nifty theme <= 1.4.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.

Remote | Injection
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
9.8 CRITICAL
CVE-2026-27395 — WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions.

support_board | Remote | Authentication
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.8 HIGH
CVE-2026-12256 — WordPress Avada theme <= 3.15.3 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Avada <= 3.15.3 versions.

Remote | Injection
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69178 — WordPress Truemag theme <= 4.3.14.2 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69177 — WordPress Roneous theme <= 2.1.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69176 — WordPress ITactics theme <= 1.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69168 — WordPress Spike theme <= 1.2 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Spike <= 1.2 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69167 — WordPress Eros theme <= 1.3 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Eros <= 1.3 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69165 — WordPress Choreo theme <= 1.6 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69163 — WordPress WineShop theme <= 3.17 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69162 — WordPress Grecko theme <= 5.17 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Grecko <= 5.17 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69160 — WordPress Gita theme <= 1.11 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Gita <= 1.11 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69159 — WordPress Printo theme <= 1.11 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Printo <= 1.11 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
7.1 HIGH
CVE-2025-69151 — WordPress Grand Car Rental theme <= 3.7 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.

Remote | Cross-Site Scripting
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69150 — WordPress Medeus theme <= 1.14 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
Showing 20 of 7351 Results