Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    CVSS31
    CVE-2025-32175

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vektor,Inc. VK Filter Search allows Stored XSS. This issue affects VK Filter Search: from n/a through 2.14.1.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32174

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tockify Tockify Events Calendar allows DOM-Based XSS. This issue affects Tockify Events Calendar: from n/a through 2.2.13.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32173

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks - The ultimate block collection allows Stored XSS. This issue affects B Blocks - The ultimate block collection: from n/a through 2.0.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32172

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yuri Baranov YaMaps for WordPress allows Stored XSS. This issue affects YaMaps for WordPress: from n/a through 0.6.31.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32171

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imtiaz Rayhan Table Block by Tableberg allows Stored XSS. This issue affects Table Block by Tableberg: from n/a through 0.6.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32170

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Motors allows Stored XSS. This issue affects Motors: from n/a through 1.4.65.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32169

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Prasad Showeblogin Social allows DOM-Based XSS. This issue affects Showeblogin Social: from n/a through 7.0.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32168

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify allows Stored XSS. This issue affects Gutenify: from n/a through 1.4.9.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32167

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devsoftbaltic SurveyJS allows Stored XSS. This issue affects SurveyJS: from n/a through 1.12.20.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32166

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in John Housholder Emma for WordPress allows Stored XSS. This issue affects Emma for WordPress: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32165

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fromdoppler Doppler Forms allows Stored XSS. This issue affects Doppler Forms: from n/a through 2.4.5.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32163

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.9.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32162

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Morgan Kay Chamber Dashboard Business Directory allows DOM-Based XSS. This issue affects Chamber Dashboard Business Directory: from n/a through 3.3.11.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 6.5

    CVSS31
    CVE-2025-32161

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryo Arkhe Blocks allows Stored XSS. This issue affects Arkhe Blocks: from n/a through 2.27.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.5

    CVSS31
    CVE-2025-32159

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Radius Blocks allows PHP Local File Inclusion. This issue affects Radius Blocks: from n/a through 2.2.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.5

    CVSS31
    CVE-2025-32157

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jakub Glos Sparkle Elementor Kit allows PHP Local File Inclusion. This issue affects Sparkle Elementor Kit: from n/a through 2.0.9.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.5

    CVSS31
    CVE-2025-32156

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Alex Prokopenko / JustCoded Just Post Preview Widget allows PHP Local File Inclusion. This issue affects Just Post Preview Widget: fro... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.5

    CVSS31
    CVE-2025-32155

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in markkinchin Beds24 Online Booking allows PHP Local File Inclusion. This issue affects Beds24 Online Booking: from n/a through 2.0.26.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.5

    CVSS31
    CVE-2025-32154

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Catch Themes Catch Dark Mode allows PHP Local File Inclusion. This issue affects Catch Dark Mode: from n/a through 1.2.1.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025

  • 7.5

    CVSS31
    CVE-2025-32153

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in vinagecko VG WooCarousel allows PHP Local File Inclusion. This issue affects VG WooCarousel: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Apr. 04, 2025
    • Modified: Apr. 04, 2025
Showing 20 of 404 Results
© cvefeed.io
Latest DB Update: Apr. 05, 2025 6:54