Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2025-24690

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Michele Giorgi Formality allows PHP Local File Inclusion. This issue affects Formality: from n/a through 1.5.7.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Path Traversal

  • 7.1

    HIGH
    CVE-2025-23964

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Google Plus allows Reflected XSS. This issue affects Google Plus: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.1

    HIGH
    CVE-2025-23952

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ntm custom-field-list-widget allows PHP Local File Inclusion. This issue affects custom-field-list-widget: from n/a through 1.5.1.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Path Traversal

  • 8.1

    HIGH
    CVE-2025-23937

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound LinkedIn Lite allows PHP Local File Inclusion. This issue affects LinkedIn Lite: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Path Traversal

  • 7.1

    HIGH
    CVE-2025-23735

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cosmin Schiopu Infugrator allows Reflected XSS. This issue affects Infugrator: from n/a through 1.0.3.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23728

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AuMenu allows Reflected XSS. This issue affects AuMenu: from n/a through 1.1.5.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23714

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AppReview allows Reflected XSS. This issue affects AppReview: from n/a through 0.2.9.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23704

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Reuven Karasik Your Lightbox allows Reflected XSS. This issue affects Your Lightbox: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23680

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Narnoo Operator allows Reflected XSS. This issue affects Narnoo Operator: from n/a through 2.0.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23666

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Management-screen-droptiles allows Reflected XSS. This issue affects Management-screen-droptiles: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23638

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Frontend Post Submission allows Reflected XSS. This issue affects Frontend Post Submission: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025

  • 7.1

    HIGH
    CVE-2025-23633

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Database Audit allows Reflected XSS. This issue affects WP Database Audit: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23632

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhizome Networks CG Button allows Reflected XSS. This issue affects CG Button: from n/a through 1.0.5.6.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23612

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pixobe Cartography allows Reflected XSS. This issue affects Pixobe Cartography: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23546

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RDP inGroups+ allows Reflected XSS. This issue affects RDP inGroups+: from n/a through 1.0.6.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23543

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FOMO Pay Chinese Payment Solution allows Reflected XSS. This issue affects FOMO Pay Chinese Payment Solution: from n/a through 2.0.4.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23542

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert D Payne RDP Linkedin Login allows Reflected XSS. This issue affects RDP Linkedin Login: from n/a through 1.7.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23466

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsiteeditor Site Editor Google Map allows Reflected XSS. This issue affects Site Editor Google Map: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23460

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RWS Enquiry And Lead Follow-up allows Reflected XSS. This issue affects RWS Enquiry And Lead Follow-up: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23459

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound NS Simple Intro Loader allows Reflected XSS. This issue affects NS Simple Intro Loader: from n/a through 2.2.3.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291779 Results