Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2014-10397

    The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php.... Read more

    Affected Products : antioch
    • EPSS Score: %1.15
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2014-10396

    The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.... Read more

    Affected Products : epic
    • EPSS Score: %1.15
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10395

    The cp-polls plugin before 1.0.1 for WordPress has XSS in the votes list.... Read more

    Affected Products : polls_cp
    • EPSS Score: %0.19
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10394

    The rich-counter plugin before 1.2.0 for WordPress has JavaScript injection via a User-Agent header.... Read more

    Affected Products : rich_counter
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10393

    The cforms2 plugin before 10.5 for WordPress has XSS.... Read more

    Affected Products : cformsii
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10392

    The cforms2 plugin before 10.2 for WordPress has XSS.... Read more

    Affected Products : cformsii
    • EPSS Score: %0.28
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10391

    The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2014-10390

    The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal.... Read more

    • EPSS Score: %0.52
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-10389

    The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication.... Read more

    • EPSS Score: %0.79
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2014-10388

    The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure.... Read more

    • EPSS Score: %0.25
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-10387

    The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection.... Read more

    • EPSS Score: %0.51
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10386

    The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections.... Read more

    Affected Products : live_chat
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10385

    The memphis-documents-library plugin before 3.0 for WordPress has XSS via $_REQUEST.... Read more

    Affected Products : memphis_documents_library
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-10384

    The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion.... Read more

    Affected Products : memphis_documents_library
    • EPSS Score: %0.91
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-10383

    The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion.... Read more

    Affected Products : memphis_documents_library
    • EPSS Score: %1.55
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2014-10382

    The feature-comments plugin before 1.2.5 for WordPress has CSRF for featuring or burying a comment.... Read more

    Affected Products : featured_comments
    • EPSS Score: %0.10
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2014-10381

    The user-domain-whitelist plugin before 1.5 for WordPress has CSRF.... Read more

    Affected Products : user_domain_whitelist
    • EPSS Score: %0.11
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10380

    The profile-builder plugin before 1.1.66 for WordPress has multiple XSS issues in forms.... Read more

    Affected Products : profile_builder
    • EPSS Score: %0.19
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-10379

    The duplicate-post plugin before 2.6 for WordPress has SQL injection.... Read more

    Affected Products : duplicate_post
    • EPSS Score: %0.51
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-10378

    The duplicate-post plugin before 2.6 for WordPress has XSS.... Read more

    Affected Products : duplicate_post
    • EPSS Score: %0.19
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291794 Results