Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2025-31822

    Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Simple HTML Sitemap: from n/a through 3.2.... Read more

    Affected Products : wordpress_simple_html_sitemap
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authorization

  • 4.7

    MEDIUM
    CVE-2025-31821

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integration of Zoho CRM and Contact Form 7 allows Phishing. This issue affects Integration of Zoho CRM and Contact Form 7: from n/a through 1.0.6.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Misconfiguration

  • 4.3

    MEDIUM
    CVE-2025-31820

    Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through 1.2.4.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-31818

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ContentBot.ai ContentBot AI Writer allows Stored XSS. This issue affects ContentBot AI Writer: from n/a through 1.2.4.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31817

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWheels BlockWheels allows DOM-Based XSS. This issue affects BlockWheels: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-31816

    Missing Authorization vulnerability in pietro Mobile App Canvas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile App Canvas: from n/a through 3.8.1.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-31815

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devscred Design Blocks allows Stored XSS. This issue affects Design Blocks: from n/a through 1.2.2.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.3

    MEDIUM
    CVE-2025-31814

    Cross-Site Request Forgery (CSRF) vulnerability in OwnerRez OwnerRez allows Cross Site Request Forgery. This issue affects OwnerRez: from n/a through 1.2.0.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-31813

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Website366.com WPSHARE247 Elementor Addons allows Stored XSS. This issue affects WPSHARE247 Elementor Addons: from n/a through 2.1.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31812

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only allows Stored XSS. This issue affects BuddyPress Members Only: from n/a through 3.5.3.... Read more

    Affected Products : buddypress_members_only
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31811

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtreeme Planyo online reservation system allows Stored XSS. This issue affects Planyo online reservation system: from n/a through 3.0.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-31810

    Missing Authorization vulnerability in PickPlugins Question Answer allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Question Answer: from n/a through 1.2.70.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-31809

    Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 4.3

    MEDIUM
    CVE-2025-31808

    Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 4.3

    MEDIUM
    CVE-2025-31807

    Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 5.9

    MEDIUM
    CVE-2025-31806

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uSystems Webling allows Stored XSS. This issue affects Webling: from n/a through 3.9.0.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31805

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Systems Gutena Kit – Gutenberg Blocks and Templates allows Stored XSS. This issue affects Gutena Kit – Gutenberg Blocks and Templates: from n... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31804

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DraftPress Team Follow Us Badges allows Stored XSS. This issue affects Follow Us Badges: from n/a through 3.1.11.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31803

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neteuro Turisbook Booking System allows Stored XSS. This issue affects Turisbook Booking System: from n/a through 1.3.7.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-31802

    Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shiptimize for WooCommerce: from n/a through 3.1.86.... Read more

    Affected Products :
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authorization
Showing 20 of 293284 Results