Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2025-55712

    Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6... Read more

    Affected Products : the_plus_addons_for_elementor
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-55711

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Table Builder WP Table Builder allows Stored XSS. This issue affects WP Table Builder: from n/a through 2.0.12.... Read more

    Affected Products : wp_table_builder
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 4.3

    MEDIUM
    CVE-2025-55710

    Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress allows Retrieve Embedded Sensitive Data. This issue affects TaxoPress: from n/a through 3.37.2.... Read more

    Affected Products : taxopress
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-55709

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through n/a.... Read more

    Affected Products : visual_composer_website_builder
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 8.5

    HIGH
    CVE-2025-55708

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-54749

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-54747

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-54746

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02.... Read more

    Affected Products : shortcode-redirect
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-54740

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9.... Read more

    Affected Products : print_my_blog
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 5.3

    MEDIUM
    CVE-2025-54739

    Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4.... Read more

    Affected Products : nexter_blocks
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 5.3

    MEDIUM
    CVE-2025-54736

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. This issue affects Savoy: from n/a through 3.0.8.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 4.3

    MEDIUM
    CVE-2025-54732

    Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2.... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 5.3

    MEDIUM
    CVE-2025-54730

    Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Embedder for Google Reviews: from n/a through 1.7.3.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 5.9

    MEDIUM
    CVE-2025-54729

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webba Appointment Booking Webba Booking allows Stored XSS. This issue affects Webba Booking: from n/a through 6.0.5.... Read more

    Affected Products : webba_booking
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 4.3

    MEDIUM
    CVE-2025-54728

    Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request Forgery. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2.... Read more

    Affected Products : cm_on_demand_search_and_replace
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 5.9

    MEDIUM
    CVE-2025-54727

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Stored XSS. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2.... Read more

    Affected Products : cm_on_demand_search_and_replace
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 5.4

    MEDIUM
    CVE-2025-54717

    Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.... Read more

    Affected Products : wp_membership
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 4.9

    MEDIUM
    CVE-2025-54715

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager allows Path Traversal. This issue affects Barcode Scanner with Inventory & Ord... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 4.3

    MEDIUM
    CVE-2025-54712

    Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.5

    MEDIUM
    CVE-2025-54708

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks allows DOM-Based XSS. This issue affects B Blocks: from n/a through 2.0.5.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
Showing 20 of 290940 Results