Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2015-10104

    A vulnerability, which was classified as problematic, has been found in Icons for Features Plugin 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file classes/class-icons-for-features-admin.php. The manipulation of the argu... Read more

    Affected Products : icons_for_features
    • Published: Apr. 30, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-10103

    A vulnerability, which was classified as problematic, was found in InternalError503 Forget It up to 1.3. This affects an unknown part of the file js/settings.js. The manipulation of the argument setForgetTime with the input 0 leads to infinite loop. It is... Read more

    Affected Products : forget_it
    • Published: Apr. 17, 2023
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-10102

    A vulnerability, which was classified as critical, has been found in Freshdesk Plugin 1.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to open redirect. The attack may be launched remotely. Upgrading to versio... Read more

    Affected Products : freshdesk
    • Published: Apr. 17, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10101

    A vulnerability classified as problematic was found in Google Analytics Top Content Widget Plugin up to 1.5.6 on WordPress. Affected by this vulnerability is an unknown functionality of the file class-tgm-plugin-activation.php. The manipulation leads to c... Read more

    • Published: Apr. 15, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10099

    A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5 on WordPress. This affects the function dex_process_ready_to_go_appointment of the file dex_appointments.php. The manipulation of the argument itemnumber l... Read more

    Affected Products : cp_appointment_calendar
    • Published: Apr. 10, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10098

    A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function print_module_list/show_warnings_section_notice/status_text/ui_get_action_links. The manipulation le... Read more

    Affected Products : broken_link_checker
    • Published: Apr. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10097

    A vulnerability was found in grinnellplans-php up to 3.0. It has been declared as critical. Affected by this vulnerability is the function interface_disp_page/interface_disp_page of the file read.php. The manipulation leads to sql injection. The attack ca... Read more

    Affected Products : grinnellplans
    • Published: Mar. 25, 2023
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2015-10096

    A vulnerability, which was classified as critical, was found in Zarthus IRC Twitter Announcer Bot up to 1.1.0. This affects the function get_tweets of the file lib/twitterbot/plugins/twitter_announcer.rb. The manipulation of the argument tweet leads to co... Read more

    Affected Products : irc_twitter_announcer_bot
    • Published: Mar. 20, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10095

    A vulnerability classified as problematic has been found in woo-popup Plugin up to 1.2.2 on WordPress. This affects an unknown part of the file admin/class-woo-popup-admin.php. The manipulation leads to cross site scripting. It is possible to initiate the... Read more

    Affected Products : woo-popup
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10094

    A vulnerability was found in Fastly Plugin up to 0.97 on WordPress. It has been rated as problematic. Affected by this issue is the function post of the file lib/api.php. The manipulation of the argument url leads to cross site scripting. The attack may b... Read more

    Affected Products : fastly
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2015-10093

    A vulnerability was found in Mark User as Spammer Plugin 1.0.0/1.0.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function user_row_actions of the file plugin/plugin.php. The manipulation of the argument url lea... Read more

    Affected Products : mark_user_as_spammer
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10092

    A vulnerability was found in Qtranslate Slug Plugin up to 1.1.16 on WordPress. It has been classified as problematic. Affected is the function add_slug_meta_box of the file includes/class-qtranslate-slug.php. The manipulation leads to cross site scripting... Read more

    Affected Products : qtranslate_slug
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2015-10091

    A vulnerability has been found in ByWater Solutions bywater-koha-xslt and classified as critical. This vulnerability affects the function StringSearch of the file admin/systempreferences.pl. The manipulation of the argument name leads to sql injection. Th... Read more

    Affected Products : bywater-koha-xslt
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10090

    A vulnerability, which was classified as problematic, has been found in Landing Pages Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotel... Read more

    Affected Products : landing-pages
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10089

    A vulnerability classified as problematic has been found in flame.js. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why informati... Read more

    Affected Products : flame.js
    • Published: Mar. 05, 2023
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2015-10088

    A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The comp... Read more

    Affected Products : ayttm
    • Published: Mar. 05, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-10087

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in UpThemes Theme DesignFolio Plus 1.2 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. Th... Read more

    Affected Products : designfolio-plus
    • Published: Mar. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10086

    A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remo... Read more

    Affected Products : server-php
    • Published: Feb. 28, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-10085

    A vulnerability was found in GoPistolet. It has been declared as problematic. This vulnerability affects unknown code of the component MTA. The manipulation leads to denial of service. Continious delivery with rolling releases is used by this product. The... Read more

    Affected Products : gopistolet
    • Published: Feb. 21, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10084

    A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function _prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to sql injection. Upgrading to version marla i... Read more

    Affected Products : klear-library
    • Published: Feb. 21, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292778 Results