Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2015-9363

    iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().... Read more

    Affected Products : exchange
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9362

    The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg().... Read more

    Affected Products : post_connector
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9361

    The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().... Read more

    Affected Products : related_posts
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9360

    The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg().... Read more

    Affected Products : updraftplus
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9359

    The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().... Read more

    Affected Products : jetpack
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9358

    The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().... Read more

    Affected Products : feedwordpress
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9357

    The akismet plugin before 3.1.5 for WordPress has XSS.... Read more

    Affected Products : akismet
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9356

    The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460.... Read more

    Affected Products : wp-vipergb
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9355

    The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.... Read more

    Affected Products : two-factor-authentication
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2015-9354

    The gigpress plugin before 2.3.11 for WordPress has XSS.... Read more

    Affected Products : gigpress
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2015-9353

    The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.... Read more

    Affected Products : gigpress
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9352

    The wp-polls plugin before 2.72 for WordPress has SQL injection.... Read more

    Affected Products : wp-polls
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9351

    The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button.... Read more

    Affected Products : feed_them_social
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9350

    The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button.... Read more

    Affected Products : feed_them_social
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9349

    The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser.... Read more

    Affected Products : ckeditor
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-9348

    The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs.... Read more

    Affected Products : sell_downloads
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9347

    The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors.... Read more

    Affected Products : plotly
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9346

    The cp-polls plugin before 1.0.5 for WordPress has XSS.... Read more

    Affected Products : polls_cp
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-9345

    The link-log plugin before 2.0 for WordPress has HTTP Response Splitting.... Read more

    Affected Products : link_log
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9344

    The link-log plugin before 2.1 for WordPress has SQL injection.... Read more

    Affected Products : link_log
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292813 Results