Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    CVSS31
    CVE-2025-32217

    Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ai Image Alt Text Generator for WP: from n/a through 1.0.8.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32207

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods allows Stored XSS. This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.6

    CVSS31
    CVE-2025-32204

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rocketelements Split Test For Elementor allows SQL Injection. This issue affects Split Test For Elementor: from n/a through 1.8.2.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.6

    CVSS31
    CVE-2025-32203

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in manu225 Falling things allows SQL Injection. This issue affects Falling things: from n/a through 1.08.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 4.3

    CVSS31
    CVE-2025-32201

    Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.8.3.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 5.4

    CVSS31
    CVE-2025-32200

    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Nikita Advanced WordPress Backgrounds allows Code Injection. This issue affects Advanced WordPress Backgrounds: from n/a through 1.12.4.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32197

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Addons For Elementor allows Stored XSS. This issue affects Piotnet Addons For Elementor: from n/a through 2.4.34.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32196

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blazethemes News Kit Elementor Addons allows Stored XSS. This issue affects News Kit Elementor Addons: from n/a through 1.3.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32195

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart allows Stored XSS. This issue affects Ecwid Shopping Cart: from n/a through 7.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32194

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Stored XSS. This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.4.9.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32193

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMinds Simple WP Events allows Stored XSS. This issue affects Simple WP Events: from n/a through 1.8.17.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32192

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UltraPress Ultra Addons Lite for Elementor allows Stored XSS. This issue affects Ultra Addons Lite for Elementor: from n/a through 1.1.8.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32191

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon News Element Elementor Blog Magazine allows DOM-Based XSS. This issue affects News Element Elementor Blog Magazine: from n/a through 1.0.7.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32190

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartwpress Musician's Pack for Elementor allows DOM-Based XSS. This issue affects Musician's Pack for Elementor: from n/a through 1.8.4.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32189

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer BWD Elementor Addons allows DOM-Based XSS. This issue affects BWD Elementor Addons: from n/a through 4.3.20.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32188

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels allows Stored XSS. This issue affects Advanced Woo Labels: from n/a through 2.14.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32187

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quý Lê 91 Administrator Z allows DOM-Based XSS. This issue affects Administrator Z: from n/a through 2025.03.04.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32186

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Turbo Addons Turbo Addons for Elementor allows DOM-Based XSS. This issue affects Turbo Addons for Elementor: from n/a through 1.7.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32185

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Extend Themes Colibri Page Builder allows Stored XSS. This issue affects Colibri Page Builder: from n/a through 1.0.319.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32184

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Stored XSS. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025
Showing 20 of 409 Results
© cvefeed.io
Latest DB Update: Apr. 05, 2025 0:54