Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.5

MEDIUM

CVE-2025-22818

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in S3Bubble S3Player – WooCommerce & Elementor Integration allows Stored XSS.This issue affects S3Player – WooCommerce & Elementor Integration: from n/a thr...

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22817

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Venutius BP Profile Shortcodes Extra allows Stored XSS.This issue affects BP Profile Shortcodes Extra: from n/a through 2.6.0....

Affected Products : bp_profile_shortcodes_extra
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22815

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6....

Affected Products : button_block
Published: Jan. 09, 2025

Modified: Feb. 25, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-22814

Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through 1.4.1....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Request Forgery
6.5

MEDIUM

CVE-2025-22813

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ChatBot for WordPress - WPBot Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1....

Affected Products : conversational_forms_for_chatbot
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22812

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs News Ticker Widget for Elementor allows Stored XSS.This issue affects News Ticker Widget for Elementor: from n/a through 1.3.2....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22811

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modeltheme MT Addons for Elementor allows Stored XSS.This issue affects MT Addons for Elementor: from n/a through 1.0.6....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22810

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CBB Team Content Blocks Builder allows Stored XSS.This issue affects Content Blocks Builder: from n/a through 2.7.6....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22809

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gravity Master PDF Catalog Woocommerce allows DOM-Based XSS.This issue affects PDF Catalog Woocommerce: from n/a through 2.0....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22808

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Surbma Surbma | Premium WP allows DOM-Based XSS.This issue affects Surbma | Premium WP: from n/a through 9.0....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22807

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Peake Responsive Flickr Slideshow allows Stored XSS.This issue affects Responsive Flickr Slideshow: from n/a through 2.6.0....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22806

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows DOM-Based XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.8....

Affected Products : black_widgets_for_elementor
Published: Jan. 09, 2025

Modified: Mar. 20, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22805

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePoints Skill Bar allows Stored XSS.This issue affects Skill Bar: from n/a through 1.2....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22804

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.23....

Affected Products : author_avatars_list\/block
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22803

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Advanced Product Information for WooCommerce allows Stored XSS.This issue affects Advanced Product Information for WooCommerce: from n/a throu...

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-22802

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail allows Stored XSS.This issue affects Email Templat...

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025
6.5

MEDIUM

CVE-2025-22801

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through 1.2.8....

Affected Products : free_woocommerce_theme_99fy_extension
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-22595

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja Mailing Group Listserv allows Reflected XSS.This issue affects Mailing Group Listserv: from n/a through 2.0.9....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
7.1

HIGH

CVE-2025-22594

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hccoder – Sándor Fodor Better User Shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through 1.0....

Affected Products :
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Cross-Site Scripting
4.3

MEDIUM

CVE-2025-22561

Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a through 9.0.4....

Affected Products : title_experiments_free
Published: Jan. 09, 2025

Modified: Jan. 09, 2025

Vuln Type: Authorization

Showing 20 of 293507 Results

1
...
1581
1582
1583
1584
1585
1586
1587
...
14676

Browse by Apps

Latest CVE Feed

6.5

6.5

6.5

7.1

6.5

6.5

6.5

6.5

6.5

6.5

6.5

6.5

6.5

6.5

6.5

6.5

6.5

7.1

7.1

4.3

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable