Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2025-49996

    Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.8.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49995

    Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Download Attachments: from n/a through 1.3.1.... Read more

    Affected Products : download_attachments
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49993

    Missing Authorization vulnerability in Cookie Script Cookie-Script.com allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cookie-Script.com: from n/a through 1.2.1.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49991

    Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14.... Read more

    Affected Products : wp-recall
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49990

    Missing Authorization vulnerability in contentstudio ContentStudio allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects ContentStudio: from n/a through 1.3.4.... Read more

    Affected Products : contentstudio
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49989

    Missing Authorization vulnerability in App Cheap App Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects App Builder: from n/a through 5.5.3.... Read more

    Affected Products : app_builder
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49988

    Missing Authorization vulnerability in Renzo Contact Form 7 AWeber Extension allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form 7 AWeber Extension: from n/a through 0.1.38.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49987

    Missing Authorization vulnerability in WPFactory CRM ERP Business Solution allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CRM ERP Business Solution: from n/a through 1.13.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-49986

    Missing Authorization vulnerability in thanhtungtnt Video List Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Video List Manager: from n/a through 1.7.... Read more

    Affected Products : video_list_manager
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-49985

    Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images allows Server Side Request Forgery. This issue affects Auto Upload Images: from n/a through 3.3.2.... Read more

    Affected Products : auto_upload_images
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Server-Side Request Forgery

  • 4.9

    MEDIUM
    CVE-2025-49984

    Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows Server Side Request Forgery. This issue affects PowerPress Podcasting: from n/a through 11.12.11.... Read more

    Affected Products : powerpress
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Server-Side Request Forgery

  • 4.9

    MEDIUM
    CVE-2025-49983

    Server-Side Request Forgery (SSRF) vulnerability in Joe Hoyle WPThumb allows Server Side Request Forgery. This issue affects WPThumb: from n/a through 0.10.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Server-Side Request Forgery

  • 4.3

    MEDIUM
    CVE-2025-49982

    Missing Authorization vulnerability in aguilatechnologies WP Customer Area allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Customer Area: from n/a through 8.2.5.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-49981

    Missing Authorization vulnerability in mahabub81 User Roles and Capabilities allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects User Roles and Capabilities: from n/a through 1.2.6.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-49980

    Missing Authorization vulnerability in WP Event Manager WP User Profile Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Profile Avatar: from n/a through 1.0.6.... Read more

    Affected Products : wp_event_manager
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-49979

    Missing Authorization vulnerability in slui Media Hygiene allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Media Hygiene: from n/a through 4.0.1.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-49978

    Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobSearch: from n/a through 2.9.0.... Read more

    Affected Products : jobsearch_wp_job_board
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-49977

    Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory WP Inventory Manager allows Cross Site Request Forgery. This issue affects WP Inventory Manager: from n/a through 2.3.4.... Read more

    Affected Products : wp_inventory_manager
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 4.3

    MEDIUM
    CVE-2025-49976

    Missing Authorization vulnerability in WANotifier WANotifier allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WANotifier: from n/a through 2.7.7.... Read more

    Affected Products : wanotifier
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-49975

    Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.4.0.... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Cross-Site Request Forgery
Showing 20 of 291908 Results