Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2025-23806

    Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows Reflected XSS. This issue affects Ultimate Subscribe: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23803

    Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue affects Snippy: from n/a through 1.4.1.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23798

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eliott Robson Mass Messaging in BuddyPress allows Reflected XSS. This issue affects Mass Messaging in BuddyPress: from n/a through 2.2.1.... Read more

    Affected Products : buddypress
    • Published: Jan. 22, 2025
    • Modified: Jun. 18, 2025

  • 7.6

    HIGH
    CVE-2025-23784

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Contact Form 7 Round Robin Lead Distribution allows SQL Injection. This issue affects Contact Form 7 Round Robin Lead Distribution: from n/a thr... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.5

    HIGH
    CVE-2025-23781

    Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WM Options Import Export allows Retrieve Embedded Sensitive Data. This issue affects WM Options Import Export: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.5

    HIGH
    CVE-2025-23774

    Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WPDB to Sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through 1.2.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23770

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Fast Tube allows Reflected XSS. This issue affects Fast Tube: from n/a through 2.3.1.... Read more

    Affected Products : fast_tube
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23769

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Content Mirror allows Reflected XSS. This issue affects Content Mirror: from n/a through 1.2.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23768

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound InFunding allows Reflected XSS. This issue affects InFunding: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23758

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pootle button allows Reflected XSS. This issue affects Pootle button: from n/a through 1.2.0.... Read more

    Affected Products : pootle_button
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23746

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound CMC MIGRATE allows Reflected XSS. This issue affects CMC MIGRATE: from n/a through 0.0.3.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23709

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kiro G. Formatted post allows Reflected XSS. This issue affects Formatted post: from n/a through 1.01.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23706

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Jet Skinner for BuddyPress allows Reflected XSS. This issue affects Jet Skinner for BuddyPress: from n/a through 1.2.5.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23701

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew Blackford, LimeSquare Pty Ltd Lime Developer Login allows Reflected XSS. This issue affects Lime Developer Login: from n/a through 1.4.0.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23700

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yonatan Reinberg yCyclista allows Reflected XSS. This issue affects yCyclista: from n/a through 1.2.3.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Feb. 18, 2025

  • 7.1

    HIGH
    CVE-2025-23697

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebDeal s.r.o. Podčlánková inzerce allows Reflected XSS. This issue affects Podčlánková inzerce: from n/a through 2.4.0.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Feb. 18, 2025

  • 7.1

    HIGH
    CVE-2025-23732

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Filtering allows Reflected XSS. This issue affects Easy Filtering: from n/a through 2.5.0.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Jan. 22, 2025

  • 7.1

    HIGH
    CVE-2025-23696

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Staging CDN allows Reflected XSS. This issue affects Staging CDN: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Feb. 18, 2025

  • 7.1

    HIGH
    CVE-2025-23695

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound CtyGrid Hyp3rL0cal Search allows Reflected XSS. This issue affects CtyGrid Hyp3rL0cal Search: from n/a through 0.1.1.1.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Feb. 18, 2025

  • 7.1

    HIGH
    CVE-2025-23686

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Callum Richards Admin Menu Organizer allows Reflected XSS. This issue affects Admin Menu Organizer: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Jan. 22, 2025
    • Modified: Feb. 18, 2025
Showing 20 of 291150 Results