Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2015-9316

    The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter.... Read more

    Affected Products : wp_fastest_cache
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9315

    The newstatpress plugin before 1.0.1 for WordPress has SQL injection.... Read more

    Affected Products : newstatpress
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9314

    The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header.... Read more

    Affected Products : newstatpress
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9313

    The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.... Read more

    Affected Products : newstatpress
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9312

    The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.... Read more

    Affected Products : newstatpress
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9311

    The newstatpress plugin before 1.0.6 for WordPress has reflected XSS.... Read more

    Affected Products : newstatpress
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9310

    The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.... Read more

    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9306

    The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS.... Read more

    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9304

    The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input.... Read more

    Affected Products : ultimate_member
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9303

    The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS.... Read more

    Affected Products : simple_share_buttons_adder
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9302

    The simple-fields plugin before 1.4.11 for WordPress has XSS.... Read more

    Affected Products : simple_fields
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9301

    The liveforms plugin before 3.2.0 for WordPress has SQL injection.... Read more

    Affected Products : live_forms
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9300

    The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.... Read more

    Affected Products : events_manager events_manager
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9299

    The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.... Read more

    Affected Products : events_manager events_manager
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-9298

    The events-manager plugin before 5.6 for WordPress has code injection.... Read more

    Affected Products : events_manager events_manager
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9297

    The events-manager plugin before 5.6 for WordPress has XSS.... Read more

    Affected Products : events_manager events_manager
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9296

    The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg.... Read more

    Affected Products : download_monitor
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9295

    The contact-form-plugin plugin before 3.96 for WordPress has XSS.... Read more

    Affected Products : contact_form
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9294

    The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.... Read more

    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9293

    The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature.... Read more

    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292787 Results