Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2025-22557

    Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross Site Request Forgery.This issue affects News Publisher Autopilot: from n/a through 2.1.4.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-22556

    Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows Cross Site Request Forgery.This issue affects Norse Rune Oracle Plugin: from n/a through 1.4.1.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.1

    HIGH
    CVE-2025-22555

    Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode allows Cross Site Request Forgery.This issue affects Smoothness Slider Shortcode: from n/a through v1.2.2.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-22554

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric Franklin Video Embed Optimizer allows Stored XSS.This issue affects Video Embed Optimizer: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-22552

    Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate Disclosure Statement allows Cross Site Request Forgery.This issue affects Affiliate Disclosure Statement: from n/a through 0.3.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-22551

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Julien Crego Boot-Modal allows Stored XSS.This issue affects Boot-Modal: from n/a through 1.9.1.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025

  • 6.5

    MEDIUM
    CVE-2025-22550

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddFunc AddFunc Mobile Detect allows Stored XSS.This issue affects AddFunc Mobile Detect: from n/a through 3.1.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22549

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pablo Cornehl WP Github allows Stored XSS.This issue affects WP Github: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-22548

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank Koenen ldap_login_password_and_role_manager allows Stored XSS.This issue affects ldap_login_password_and_role_manager: from n/a through 1.0.12.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-22547

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jay Krishnan G JK Html To Pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22546

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in One Plus Solution jQuery TwentyTwenty allows Stored XSS.This issue affects jQuery TwentyTwenty: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22545

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sw-galati.ro iframe to embed allows Stored XSS.This issue affects iframe to embed: from n/a through 1.2.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22544

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mind Doodle Mind Doodle Visual Sitemaps & Tasks allows Stored XSS.This issue affects Mind Doodle Visual Sitemaps & Tasks: from n/a through 1.6.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-22543

    Missing Authorization vulnerability in Beautiful Templates ST Gallery WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ST Gallery WP: from n/a through 1.0.8.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-22541

    Missing Authorization vulnerability in Etruel Developments LLC WP Delete Post Copies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delete Post Copies: from n/a through 5.5.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Authorization

  • 7.1

    HIGH
    CVE-2025-22538

    Cross-Site Request Forgery (CSRF) vulnerability in Ofek Nakar Virtual Bot allows Stored XSS.This issue affects Virtual Bot: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.6

    HIGH
    CVE-2025-22536

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hiren Patel WP Music Player allows SQL Injection.This issue affects WP Music Player: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Injection

  • 5.4

    MEDIUM
    CVE-2025-22534

    Missing Authorization vulnerability in Ella van Durpe Slides & Presentations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slides & Presentations: from n/a through 0.0.39.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Authorization

  • 7.6

    HIGH
    CVE-2025-22533

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WOOEXIM.COM WOOEXIM allows SQL Injection.This issue affects WOOEXIM: from n/a through 5.0.0.... Read more

    Affected Products : wooexim
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-22532

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nagy Sandor Simple Photo Sphere allows Stored XSS.This issue affects Simple Photo Sphere: from n/a through 0.0.10.... Read more

    Affected Products :
    • Published: Jan. 07, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 293517 Results