Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.1

HIGH

CVE-2025-23895

Cross-Site Request Forgery (CSRF) vulnerability in Dan Cameron Add RSS allows Stored XSS.This issue affects Add RSS: from n/a through 1.5....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23893

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Manuel Costales GMap Shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23892

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Furr and Simon Ward Progress Tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through 0.9.3....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23891

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Loy Yet Another Countdown allows DOM-Based XSS.This issue affects Yet Another Countdown: from n/a through 1.0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23890

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tom Ewer and Tito Pandu Easy Tweet Embed allows DOM-Based XSS.This issue affects Easy Tweet Embed: from n/a through 1.7....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23887

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Allan Wallick Blog Summary allows Stored XSS.This issue affects Blog Summary: from n/a through 0.1.2 β....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23886

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Roberts Annie allows Stored XSS.This issue affects Annie: from n/a through 2.1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23884

Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through 2.1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23880

Cross-Site Request Forgery (CSRF) vulnerability in anmari amr personalise allows Cross Site Request Forgery.This issue affects amr personalise: from n/a through 2.10....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
5.9

MEDIUM

CVE-2025-23878

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Post-to-Post Links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through 4.2....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23877

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nitethemes Nite Shortcodes allows Stored XSS.This issue affects Nite Shortcodes: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23876

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jens Remus WP krpano allows Stored XSS.This issue affects WP krpano: from n/a through 1.2.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23875

Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23873

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshi Solutions Category D3 Tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23872

Cross-Site Request Forgery (CSRF) vulnerability in PayForm PayForm allows Stored XSS.This issue affects PayForm: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23871

Cross-Site Request Forgery (CSRF) vulnerability in Bas Matthee LSD Google Maps Embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23870

Cross-Site Request Forgery (CSRF) vulnerability in Robert Nicholson Copyright Safeguard Footer Notice allows Stored XSS.This issue affects Copyright Safeguard Footer Notice: from n/a through 3.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23869

Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.k.a CyberJack CJ Custom Content allows Stored XSS.This issue affects CJ Custom Content: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23868

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23865

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pressfore Winning Portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting

Showing 20 of 291205 Results

1
...
1399
1400
1401
1402
1403
1404
1405
...
14561

Latest CVE Feed

7.1

6.5

6.5

6.5

6.5

6.5

6.5

7.1

7.1

5.9

6.5

6.5

7.1

6.5

7.1

7.1

7.1

7.1

6.5

6.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable