Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.1

HIGH

CVE-2025-23875

Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23873

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshi Solutions Category D3 Tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23872

Cross-Site Request Forgery (CSRF) vulnerability in PayForm PayForm allows Stored XSS.This issue affects PayForm: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23871

Cross-Site Request Forgery (CSRF) vulnerability in Bas Matthee LSD Google Maps Embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23870

Cross-Site Request Forgery (CSRF) vulnerability in Robert Nicholson Copyright Safeguard Footer Notice allows Stored XSS.This issue affects Copyright Safeguard Footer Notice: from n/a through 3.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23869

Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.k.a CyberJack CJ Custom Content allows Stored XSS.This issue affects CJ Custom Content: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23868

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23865

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pressfore Winning Portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23864

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Code Snippets (Luke America) WCS QR Code Generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23863

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eiji ‘Sabaoh’ Yamada Rollover Tab allows Stored XSS.This issue affects Rollover Tab: from n/a through 1.3.2....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
5.3

MEDIUM

CVE-2025-23862

Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through 1.0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Authorization
7.1

HIGH

CVE-2025-23861

Cross-Site Request Forgery (CSRF) vulnerability in Katz Web Services, Inc. Debt Calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through 1.0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23860

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eyouth { rob.panes } Charity-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through 1.1.2....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23859

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joshua Wieczorek Daily Proverb allows Stored XSS.This issue affects Daily Proverb: from n/a through 2.0.3....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23856

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alessandro Staniscia Simple Vertical Timeline allows DOM-Based XSS.This issue affects Simple Vertical Timeline: from n/a through 0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
5.9

MEDIUM

CVE-2025-23854

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YesStreaming.com Shoutcast and Icecast Internet Radio Hosting Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com allows Stored XSS.This iss...

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23848

Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Hotspots Analytics allows Stored XSS.This issue affects Hotspots Analytics: from n/a through 4.0.12....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23844

Cross-Site Request Forgery (CSRF) vulnerability in wellwisher Custom Widget Classes allows Cross Site Request Forgery.This issue affects Custom Widget Classes: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23842

Cross-Site Request Forgery (CSRF) vulnerability in Nilesh Shiragave WordPress Gallery Plugin allows Cross Site Request Forgery.This issue affects WordPress Gallery Plugin: from n/a through 1.4....

Affected Products : gallery
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23841

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikos M. Top Flash Embed allows Stored XSS.This issue affects Top Flash Embed: from n/a through 0.3.4....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting

Showing 20 of 291193 Results

1
...
1399
1400
1401
1402
1403
1404
1405
...
14560

Latest CVE Feed

7.1

6.5

7.1

7.1

7.1

7.1

6.5

6.5

6.5

6.5

5.3

7.1

6.5

6.5

6.5

5.9

7.1

7.1

7.1

6.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable