Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    CVSS31
    CVE-2025-31621

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in davidpaulsson byBrick Accordion allows Stored XSS. This issue affects byBrick Accordion: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 6.5

    CVSS31
    CVE-2025-31620

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carperfer CoverManager allows Stored XSS. This issue affects CoverManager: from n/a through 0.0.1.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 5.3

    CVSS31
    CVE-2025-31618

    Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 7.1

    CVSS31
    CVE-2025-31617

    Cross-Site Request Forgery (CSRF) vulnerability in Gagan Deep Singh PostmarkApp Email Integrator allows Cross Site Request Forgery. This issue affects PostmarkApp Email Integrator: from n/a through 2.4.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 7.1

    CVSS31
    CVE-2025-31616

    Cross-Site Request Forgery (CSRF) vulnerability in AdminGeekZ Varnish WordPress allows Cross Site Request Forgery. This issue affects Varnish WordPress: from n/a through 1.7.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 7.1

    CVSS31
    CVE-2025-31615

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in owenr88 Simple Contact Forms allows Stored XSS. This issue affects Simple Contact Forms: from n/a through 1.6.4.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 6.5

    CVSS31
    CVE-2025-31614

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hiroprot Terms Before Download allows Stored XSS. This issue affects Terms Before Download: from n/a through 1.0.4.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 7.1

    CVSS31
    CVE-2025-31613

    Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from n/a through 4.6.... Read more

    Affected Products : ab_google_map_travel
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 4.3

    CVSS31
    CVE-2025-31611

    Missing Authorization vulnerability in Shaharia Azam Auto Post After Image Upload allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Post After Image Upload: from n/a through 1.6.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 5.9

    CVSS31
    CVE-2025-31610

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gingerplugins Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme allows Stored XSS. This issue affects Notification Bar, Sticky ... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 4.3

    CVSS31
    CVE-2025-31609

    Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCargo Track & Trace: from n/a through 7.0.6.... Read more

    Affected Products : track_\&_trace
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 6.5

    CVSS31
    CVE-2025-31608

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reDim GmbH CookieHint WP allows Stored XSS. This issue affects CookieHint WP: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 6.5

    CVSS31
    CVE-2025-31607

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flomei Simple-Audioplayer allows Stored XSS. This issue affects Simple-Audioplayer: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 4.8

    CVSS31
    CVE-2025-31606

    Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 5.9

    CVSS31
    CVE-2025-31605

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WeblineIndia Welcome Popup allows Stored XSS. This issue affects Welcome Popup: from n/a through 1.0.10.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 6.5

    CVSS31
    CVE-2025-31604

    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Cal.com Cal.com allows Stored XSS. This issue affects Cal.com: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 5.4

    CVSS31
    CVE-2025-31603

    Missing Authorization vulnerability in moshensky CF7 Spreadsheets allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 Spreadsheets: from n/a through 2.3.2.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 4.3

    CVSS31
    CVE-2025-31602

    Cross-Site Request Forgery (CSRF) vulnerability in apimofficiel Apimo Connector allows Cross Site Request Forgery. This issue affects Apimo Connector: from n/a through 2.6.3.1.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 6.5

    CVSS31
    CVE-2025-31601

    Cross-Site Request Forgery (CSRF) vulnerability in appointy Appointy Appointment Scheduler allows Cross Site Request Forgery. This issue affects Appointy Appointment Scheduler: from n/a through 4.2.1.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025

  • 4.3

    CVSS31
    CVE-2025-31600

    Cross-Site Request Forgery (CSRF) vulnerability in designnbuy DesignO allows Cross Site Request Forgery. This issue affects DesignO: from n/a through 2.2.0.... Read more

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025
Showing 20 of 787 Results
© cvefeed.io
Latest DB Update: Apr. 02, 2025 10:14