Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.1

HIGH

CVE-2025-23821

Cross-Site Request Forgery (CSRF) vulnerability in Aleapp WP Cookies Alert allows Cross Site Request Forgery.This issue affects WP Cookies Alert: from n/a through 1.1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23820

Cross-Site Request Forgery (CSRF) vulnerability in Laxman Thapa Content Security Policy Pro allows Cross Site Request Forgery.This issue affects Content Security Policy Pro: from n/a through 1.3.5....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23818

Cross-Site Request Forgery (CSRF) vulnerability in Peggy Kuo More Link Modifier allows Stored XSS.This issue affects More Link Modifier: from n/a through 1.0.3....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23817

Cross-Site Request Forgery (CSRF) vulnerability in Mahadir Ahmad MHR-Custom-Anti-Copy allows Stored XSS.This issue affects MHR-Custom-Anti-Copy: from n/a through 2.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23816

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaphorcreations Metaphor Widgets allows Stored XSS. This issue affects Metaphor Widgets: from n/a through 2.4....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23815

Cross-Site Request Forgery (CSRF) vulnerability in linickx root Cookie allows Cross Site Request Forgery. This issue affects root Cookie: from n/a through 1.6....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23810

Cross-Site Request Forgery (CSRF) vulnerability in Igor Sazonov Len Slider allows Reflected XSS.This issue affects Len Slider: from n/a through 2.0.11....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23808

Cross-Site Request Forgery (CSRF) vulnerability in Matt van Andel Custom List Table Example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through 1.4.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23807

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jimmy Hu Spiderpowa Embed PDF allows Stored XSS.This issue affects Spiderpowa Embed PDF: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23805

Cross-Site Request Forgery (CSRF) vulnerability in SEOReseller Team SEOReseller Partner allows Cross Site Request Forgery.This issue affects SEOReseller Partner: from n/a through 1.3.15....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23804

Cross-Site Request Forgery (CSRF) vulnerability in Shiv Prakash Tiwari WP Service Payment Form With Authorize.net allows Reflected XSS.This issue affects WP Service Payment Form With Authorize.net: from n/a through 2.6.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23802

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steven Soehl WP-Revive Adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through 2.2.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23801

Cross-Site Request Forgery (CSRF) vulnerability in Benjamin Guy Style Admin allows Stored XSS.This issue affects Style Admin: from n/a through 1.4.3....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
7.1

HIGH

CVE-2025-23800

Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
9.8

CRITICAL

CVE-2025-23797

Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows Privilege Escalation.This issue affects WP Options Editor: from n/a through 1.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23796

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tushar Patel Easy Portfolio allows Stored XSS.This issue affects Easy Portfolio: from n/a through 1.3....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23795

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gold Plugins Easy FAQs allows Stored XSS.This issue affects Easy FAQs: from n/a through 3.2.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-23794

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rccoder wp_amaps allows Stored XSS.This issue affects wp_amaps: from n/a through 1.7....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-23793

Cross-Site Request Forgery (CSRF) vulnerability in Turcu Ciprian Auto FTP allows Stored XSS. This issue affects Auto FTP: from n/a through 1.0.1....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-23791

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RocaPress Horizontal Line Shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through 1.0....

Affected Products :
Published: Jan. 16, 2025

Modified: Jan. 16, 2025

Vuln Type: Cross-Site Scripting

Showing 20 of 291222 Results

1
...
1402
1403
1404
1405
1406
1407
1408
...
14562

Latest CVE Feed

7.1

7.1

7.1

7.1

6.5

7.1

7.1

7.1

6.5

7.1

7.1

6.5

7.1

7.1

9.8

6.5

6.5

6.5

7.1

6.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable