Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-28113 — WordPress Ultimate Learning Pro plugin <= 3.9.1 - Reflected Cross Site Scripting (XSS) vu…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Reflected XSS.This issue affects Ultima…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28112 — WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) …

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue a…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28110 — WordPress LambertGroup - AllInOne - Banner with Playlist plugin <= 3.8 - Reflected Cross …

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Playlist all-in-one-bannerWithPlaylist allows …

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28109 — WordPress LambertGroup - AllInOne - Content Slider plugin <= 3.8 - Reflected Cross Site S…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider all-in-one-contentSlider allows Reflected X…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28108 — WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cros…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows …

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28107 — WordPress Muzicon theme <= 1.9.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Muzicon muzicon allows PHP Local File Inclusion.This issue affects Mu…

| Injection
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28105 — WordPress Good Energy theme <= 1.7.7 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Good Energy goodenergy allows Object Injection.This issue affects Good Energy: from n/a through <= 1.7.7.

| Injection
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28104 — WordPress Site Suggest plugin <= 1.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a thro…

| Authorization
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28103 — WordPress LBG Zoominoutslider plugin <= 5.4.5 - Reflected Cross Site Scripting (XSS) vuln…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LBG Zoominoutslider lbg_zoominoutslider allows Reflected XSS.This issue affects LBG …

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28102 — WordPress UberSlider Classic plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnera…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Classic uberSlider_classic allows Reflected XSS.This issue affects UberSl…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28101 — WordPress UberSlider MouseInteraction plugin <= 2.3 - Reflected Cross Site Scripting (XSS…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider MouseInteraction uberSlider_mouseinteraction allows Reflected XSS.This is…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28100 — WordPress UberSlider PerpetuumMobile plugin <= 2.3 - Reflected Cross Site Scripting (XSS)…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider PerpetuumMobile uberSlider_perpetuummobile allows Reflected XSS.This issu…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28099 — WordPress UberSlider Ultra plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerabi…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Ultra uberSlider_ultra allows Reflected XSS.This issue affects UberSlider…

| Cross-Site Scripting
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28098 — WordPress Save Life theme <= 1.2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affect…

| Injection
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28097 — WordPress Artrium theme <= 1.0.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Artrium artrium allows PHP Local File Inclusion.This issue affects Ar…

| Injection
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28096 — WordPress WealthCo theme <= 2.18 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX WealthCo wealthco allows PHP Local File Inclusion.This issue affects …

| Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28095 — WordPress Marcell theme <= 1.2.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Ma…

| Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28094 — WordPress RexCoin theme <= 1.2.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX RexCoin rexcoin allows PHP Local File Inclusion.This issue affects Re…

| Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28093 — WordPress Ozisti theme <= 1.1.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Ozisti ozisti allows PHP Local File Inclusion.This issue affects Ozis…

| Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
0.0 NA
CVE-2026-28092 — WordPress Sounder theme <= 1.3.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Sounder sounder allows PHP Local File Inclusion.This issue affects So…

| Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
Showing 20 of 5256 Results