Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2025-68568

Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture & Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.T...

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
9.8

CRITICAL

CVE-2025-68570

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through <= 3.2.2....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Injection
8.8

HIGH

CVE-2025-68571

Missing Authorization vulnerability in SALESmanago SALESmanago salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago: from n/a through <= 3.9.0....

Affected Products : salesmanago
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.8

HIGH

CVE-2025-68573

Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through <= 1.5....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Cross-Site Request Forgery
6.1

MEDIUM

CVE-2025-68574

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Eleme...

Affected Products : wpbakery_visual_composer_whmcs_elements
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Cross-Site Scripting
7.5

HIGH

CVE-2025-68576

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through <= 1.1.6....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Information Disclosure
8.8

HIGH

CVE-2025-68577

Missing Authorization vulnerability in Virusdie Virusdie virusdie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virusdie: from n/a through <= 1.1.6....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.1

HIGH

CVE-2025-68578

Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through <= 2.0.4....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.1

HIGH

CVE-2025-68579

Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FV Simpler SEO: from n/a through <= 1.9.6....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.8

HIGH

CVE-2025-68580

Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9...

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Cross-Site Request Forgery
8.1

HIGH

CVE-2025-68581

Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through <= 1.0.1...

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.8

HIGH

CVE-2025-68585

Missing Authorization vulnerability in Ben Balter WP Document Revisions wp-document-revisions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Document Revisions: from n/a through <= 3.7.2....

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.1

HIGH

CVE-2025-68587

Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through <= 3.4.5....

Affected Products : watu_quiz
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
9.8

CRITICAL

CVE-2025-68590

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Blind SQL Injection.This issue affects Integration for Contact Form 7 HubSpot: from n...

Affected Products : database_for_contact_form_7\,_wpforms\,_elementor_forms
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2025-68594

Missing Authorization vulnerability in Assaf Parag Poll, Survey & Quiz Maker Plugin by Opinion Stage social-polls-by-opinionstage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll, Survey & Quiz Maker Plugin b...

Affected Products : poll\,_survey_\&_quiz_maker
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
8.8

HIGH

CVE-2025-68596

Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bit Assist: from n/a through <= 1.5.11....

Affected Products : bit_assist
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Authorization
6.1

MEDIUM

CVE-2025-68602

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Accept Donations with PayPal easy-paypal-donation allows Phishing.This issue affects Accept Donations with PayPal: from n/a through <= 1.5.1....

Affected Products : accept_donations_with_paypal
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Misconfiguration
5.4

MEDIUM

CVE-2025-68605

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.18....

Affected Products : post_grid
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Cross-Site Scripting
0.0

NA

CVE-2025-68741

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(...

Affected Products : linux_kernel
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Memory Corruption
9.3

CRITICAL

CVE-2018-25128

SOCA Access Control System 180612 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through unvalidated POST parameters. Attackers can bypass authentication, retrieve password hashes, and gain administrati...

Affected Products :
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Injection

Showing 20 of 4578 Results

Browse by Apps

Latest CVE Feed

7.5

9.8

8.8

8.8

6.1

7.5

8.8

8.1

8.1

8.8

8.1

8.8

8.1

9.8

8.1

8.8

6.1

5.4

0.0

9.3

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable