Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.3 CRITICAL
CVE-2026-27413 — WordPress Profile Builder Pro plugin < 3.14.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Profile Builder Pro allows Blind SQL Injection.This issue affects Profile Builder Pro:…

profile_builder | Remote | Injection
Mar 19, 2026 Apr 03, 2026
Mar 19, 2026
Apr 03, 2026
6.5 MEDIUM
CVE-2026-27397 — WordPress Really Simple Security Pro plugin <= 9.5.4.0 - Insecure Direct Object Reference…

Authorization Bypass Through User-Controlled Key vulnerability in Really Simple Plugins B.V. Really Simple Security Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This is…

Remote | Authorization
Mar 19, 2026 Mar 19, 2026
Mar 19, 2026
Mar 19, 2026
8.1 HIGH
CVE-2026-27096 — WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization …

Deserialization of Untrusted Data vulnerability in BuddhaThemes ColorFolio - Freelance Designer WordPress Theme allows Object Injection.This issue affects ColorFolio - Freelance Designer WordPress Th…

Remote | Injection
Mar 19, 2026 Mar 19, 2026
Mar 19, 2026
Mar 19, 2026
Showing 20 of 6503 Results