Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2025-23476

    Cross-Site Request Forgery (CSRF) vulnerability in isnowfy my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23471

    Cross-Site Request Forgery (CSRF) vulnerability in Andy Chapman ECT Add to Cart Button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through 1.4.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23470

    Cross-Site Request Forgery (CSRF) vulnerability in X Villamuera Visit Site Link enhanced allows Stored XSS.This issue affects Visit Site Link enhanced: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23467

    Cross-Site Request Forgery (CSRF) vulnerability in Vimal Ghorecha RSS News Scroller allows Stored XSS.This issue affects RSS News Scroller: from n/a through 2.0.0.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23463

    Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custom content after or before of post allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23456

    Cross-Site Request Forgery (CSRF) vulnerability in Somethinkodd.com Development Team EmailShroud allows Reflected XSS.This issue affects EmailShroud: from n/a through 2.2.1.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23455

    Cross-Site Request Forgery (CSRF) vulnerability in mastersoftwaresolutions WP VTiger Synchronization allows Stored XSS.This issue affects WP VTiger Synchronization: from n/a through 1.1.1.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23453

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Myriad Solutionz Stars SMTP Mailer allows Reflected XSS.This issue affects Stars SMTP Mailer: from n/a through 1.7.... Read more

    Affected Products : stars_smtp_mailer
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23452

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EditionGuard Dev Team EditionGuard for WooCommerce – eBook Sales with DRM allows Reflected XSS.This issue affects EditionGuard for WooCommerce – eBook Sa... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23445

    Cross-Site Request Forgery (CSRF) vulnerability in Scott Swezey Easy Tynt allows Cross Site Request Forgery.This issue affects Easy Tynt: from n/a through 0.2.5.1.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-23444

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Scroll Top Advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through 2.5.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23442

    Cross-Site Request Forgery (CSRF) vulnerability in matias s Shockingly Big IE6 Warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through 1.6.3.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23438

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarvinLabs WP PT-Viewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through 2.0.2.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23436

    Cross-Site Request Forgery (CSRF) vulnerability in Capa Wp-Scribd-List allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through 1.2.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23435

    Cross-Site Request Forgery (CSRF) vulnerability in David Marcucci Password Protect Plugin for WordPress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through 0.8.1.0.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-23434

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Albertolabs.com Easy EU Cookie law allows Stored XSS.This issue affects Easy EU Cookie law: from n/a through 1.3.3.1.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23432

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlTi5 AlT Report allows Reflected XSS.This issue affects AlT Report: from n/a through 1.12.0.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23430

    Cross-Site Request Forgery (CSRF) vulnerability in Oren Yomtov Mass Custom Fields Manager allows Reflected XSS.This issue affects Mass Custom Fields Manager: from n/a through 1.5.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-23429

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in altimawebsystems.com Altima Lookbook Free for WooCommerce allows Reflected XSS.This issue affects Altima Lookbook Free for WooCommerce: from n/a through ... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-23426

    Cross-Site Request Forgery (CSRF) vulnerability in Wizcrew Technologies go Social allows Stored XSS.This issue affects go Social: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Jan. 16, 2025
    • Modified: Jan. 16, 2025
    • Vuln Type: Cross-Site Request Forgery
Showing 20 of 291274 Results