Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2025-27322

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bappa Mal QR Code for WooCommerce allows Reflected XSS. This issue affects QR Code for WooCommerce: from n/a through 1.2.0.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27319

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivan82 User List allows Reflected XSS. This issue affects User List: from n/a through 1.5.1.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27314

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kush Sharma Kush Micro News allows Stored XSS. This issue affects Kush Micro News: from n/a through 1.6.7.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27313

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bernd Altmeier Google Maps GPX Viewer allows Reflected XSS. This issue affects Google Maps GPX Viewer: from n/a through 3.6.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-27310

    Missing Authorization vulnerability in Radius of Thought Page and Post Lister allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Page and Post Lister: from n/a through 1.2.1.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authorization

  • 7.1

    HIGH
    CVE-2025-27309

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeannot Muller flickr-slideshow-wrapper allows Stored XSS. This issue affects flickr-slideshow-wrapper: from n/a through 5.4.6.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27308

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmstactics WP Video Posts allows Reflected XSS. This issue affects WP Video Posts: from n/a through 3.5.1.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.3

    CRITICAL
    CVE-2025-27302

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Claudio Adrian Marrero CHATLIVE allows SQL Injection. This issue affects CHATLIVE: from n/a through 2.0.1.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2025-27299

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Asia MyTicket Events allows Path Traversal. This issue affects MyTicket Events: from n/a through 1.2.4.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Path Traversal

  • 7.1

    HIGH
    CVE-2025-27295

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpion Live css allows Stored XSS. This issue affects Live css: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27293

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webparexapp Shipmozo Courier Tracking allows Reflected XSS. This issue affects Shipmozo Courier Tracking: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27292

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPyog WPYog Documents allows Reflected XSS. This issue affects WPYog Documents: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27291

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxgallery WordPress Photo Gallery – Image Gallery allows Reflected XSS. This issue affects WordPress Photo Gallery – Image Gallery: from n/a through 2.0.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27289

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antoine Guillien Restrict Taxonomies allows Reflected XSS. This issue affects Restrict Taxonomies: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27288

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BjornW File Icons allows Reflected XSS. This issue affects File Icons: from n/a through 2.1.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-27287

    Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz allows Object Injection. This issue affects SS Quiz: from n/a through 2.0.5.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-27286

    Deserialization of Untrusted Data vulnerability in saoshyant1994 Saoshyant Slider allows Object Injection. This issue affects Saoshyant Slider: from n/a through 3.0.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Injection

  • 7.1

    HIGH
    CVE-2025-27285

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Easy Form by AYS allows Reflected XSS. This issue affects Easy Form by AYS: from n/a through 2.6.9.... Read more

    Affected Products : easy_form
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-27284

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in divspark Flagged Content allows Reflected XSS. This issue affects Flagged Content: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-27283

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in rockgod100 Theme File Duplicator allows Path Traversal. This issue affects Theme File Duplicator: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Path Traversal
Showing 20 of 293555 Results