Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.5

MEDIUM

CVE-2025-23886

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Roberts Annie allows Stored XSS.This issue affects Annie: from n/a through 2.1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23884

Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through 2.1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23880

Cross-Site Request Forgery (CSRF) vulnerability in anmari amr personalise allows Cross Site Request Forgery.This issue affects amr personalise: from n/a through 2.10....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
5.9

MEDIUM

CVE-2025-23878

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Post-to-Post Links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through 4.2....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23877

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nitethemes Nite Shortcodes allows Stored XSS.This issue affects Nite Shortcodes: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23876

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jens Remus WP krpano allows Stored XSS.This issue affects WP krpano: from n/a through 1.2.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23875

Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23873

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshi Solutions Category D3 Tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23872

Cross-Site Request Forgery (CSRF) vulnerability in PayForm PayForm allows Stored XSS.This issue affects PayForm: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23871

Cross-Site Request Forgery (CSRF) vulnerability in Bas Matthee LSD Google Maps Embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23870

Cross-Site Request Forgery (CSRF) vulnerability in Robert Nicholson Copyright Safeguard Footer Notice allows Stored XSS.This issue affects Copyright Safeguard Footer Notice: from n/a through 3.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23869

Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.k.a CyberJack CJ Custom Content allows Stored XSS.This issue affects CJ Custom Content: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23868

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23865

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pressfore Winning Portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23864

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Code Snippets (Luke America) WCS QR Code Generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23863

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eiji ‘Sabaoh’ Yamada Rollover Tab allows Stored XSS.This issue affects Rollover Tab: from n/a through 1.3.2....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
5.3

MEDIUM

CVE-2025-23862

Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through 1.0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Authorization
7.1

HIGH

CVE-2025-23861

Cross-Site Request Forgery (CSRF) vulnerability in Katz Web Services, Inc. Debt Calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through 1.0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23860

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eyouth { rob.panes } Charity-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through 1.1.2....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23859

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joshua Wieczorek Daily Proverb allows Stored XSS.This issue affects Daily Proverb: from n/a through 2.0.3....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting

Showing 20 of 291219 Results

1
...
1400
1401
1402
1403
1404
1405
1406
...
14561

Latest CVE Feed

6.5

7.1

7.1

5.9

6.5

6.5

7.1

6.5

7.1

7.1

7.1

7.1

6.5

6.5

6.5

6.5

5.3

7.1

6.5

6.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable