Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68911 | 6.5 (v3.1) | WordPress Solace theme <= 2.1.16 - Broken Access Contr… |
solacewp |
Solace |
2026-01-22T16:52:14.813Z | 2026-04-28T16:14:33.356Z |
| cve-2025-68908 | 8.1 (v3.1) | WordPress Barberry theme <= 2.9.9.87 - Local File Incl… |
temash |
Barberry |
2026-01-22T16:52:14.157Z | 2026-04-28T16:14:33.311Z |
| cve-2025-68907 | 7.5 (v3.1) | WordPress Hostme v2 theme <= 7.0 - Arbitrary File Dele… |
AivahThemes |
Hostme v2 |
2026-01-22T16:52:13.949Z | 2026-04-28T16:14:33.277Z |
| cve-2025-68890 | 7.1 (v3.1) | WordPress e-shops plugin <= 1.0.4 - Reflected Cross Si… |
hands01 |
e-shops |
2026-01-08T09:17:54.055Z | 2026-04-28T16:14:32.752Z |
| cve-2025-68892 | 7.1 (v3.1) | WordPress Scroll rss excerpt plugin <= 5.0 - Reflected… |
gopiplus@hotmail.com |
Scroll rss excerpt |
2026-01-08T09:17:54.424Z | 2026-04-28T16:14:32.721Z |
| cve-2025-68885 | 7.1 (v3.1) | WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
page-carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2026-04-28T16:14:32.692Z |
| cve-2025-68897 | 9.9 (v3.1) | WordPress IF AS Shortcode plugin <= 1.2 - Remote Code … |
Mohammad I. Okfie |
IF AS Shortcode |
2025-12-29T15:55:13.564Z | 2026-04-28T16:14:32.691Z |
| cve-2025-68893 | 4.9 (v3.1) | WordPress WordPress Image shrinker plugin <= 1.1.0 - S… |
HETWORKS |
WordPress Image shrinker |
2025-12-29T15:56:47.504Z | 2026-04-28T16:14:32.690Z |
| cve-2025-68902 | 7.5 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Download… |
AivahThemes |
Anona |
2026-01-22T16:52:12.937Z | 2026-04-28T16:14:32.689Z |
| cve-2025-68901 | 8.6 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Deletion… |
AivahThemes |
Anona |
2026-01-22T16:52:12.738Z | 2026-04-28T16:14:32.370Z |
| cve-2025-68882 | 7.5 (v3.1) | WordPress Scalenut plugin <= 1.1.5 - Broken Access Con… |
Scalenut |
Scalenut |
2026-01-22T16:52:11.129Z | 2026-04-28T16:14:32.333Z |
| cve-2025-68878 | 7.1 (v3.1) | WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflec… |
prasadkirpekar |
Advanced Custom CSS |
2025-12-29T16:00:20.652Z | 2026-04-28T16:14:32.167Z |
| cve-2025-68879 | 7.1 (v3.1) | WordPress Content Grid Slider plugin <= 1.5 - Reflecte… |
councilsoft |
Content Grid Slider |
2025-12-29T15:58:57.851Z | 2026-04-28T16:14:32.164Z |
| cve-2025-68870 | 7.5 (v3.1) | WordPress CookieHint WP plugin <= 1.0.0 - Local File I… |
reDim GmbH |
CookieHint WP |
2025-12-29T16:09:05.270Z | 2026-04-28T16:14:32.148Z |
| cve-2025-68876 | 7.1 (v3.1) | WordPress Invelity SPS connect plugin <= 1.0.8 - Refle… |
INVELITY |
Invelity SPS connect |
2025-12-29T16:05:23.287Z | 2026-04-28T16:14:32.135Z |
| cve-2025-68875 | 6.5 (v3.1) | WordPress Flaming Password Reset plugin <= 1.0.3 - Cro… |
jcaruso001 |
Flaming Password Reset |
2026-01-08T09:17:52.299Z | 2026-04-28T16:14:32.134Z |
| cve-2025-68877 | 7.5 (v3.1) | WordPress CedCommerce Integration for Good Market plug… |
cedcommerce |
CedCommerce Integration for Good Market |
2025-12-29T16:03:22.206Z | 2026-04-28T16:14:32.129Z |
| cve-2025-68861 | 7.1 (v3.1) | WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac… |
pluginoptimizer |
Plugin Optimizer |
2025-12-29T17:23:08.542Z | 2026-04-28T16:14:32.113Z |
| cve-2025-68865 | 9.3 (v3.1) | WordPress Infility Global plugin <= 2.15.06 - SQL Inje… |
Infility |
Infility Global |
2026-01-05T10:44:34.184Z | 2026-04-28T16:14:32.112Z |
| cve-2025-68868 | 6.5 (v3.1) | WordPress Wp Text Slider Widget plugin <= 1.0 - Cross … |
codeaffairs |
Wp Text Slider Widget |
2025-12-29T16:12:32.664Z | 2026-04-28T16:14:32.108Z |
| cve-2025-68860 | 9.8 (v3.1) | WordPress Mobile builder plugin <= 1.4.2 - Broken Auth… |
Mobile Builder |
Mobile builder |
2025-12-29T21:08:56.358Z | 2026-04-28T16:14:31.983Z |
| cve-2025-68852 | 7.1 (v3.1) | WordPress Court Reservation plugin <= 1.10.13 - Cross … |
webmuehle |
Court Reservation |
2026-02-20T15:46:43.282Z | 2026-04-28T16:14:31.798Z |
| cve-2025-68837 | 6.5 (v3.1) | WordPress ELEX WordPress HelpDesk & Customer Ticketing… |
ELEXtensions |
ELEX WordPress HelpDesk & Customer Ticketing System |
2026-02-20T15:46:41.507Z | 2026-04-28T16:14:31.735Z |
| cve-2025-68853 | 8.8 (v3.1) | WordPress Contact Manager plugin <= 9.1.1 - PHP Object… |
Kleor |
Contact Manager |
2026-02-20T15:46:43.488Z | 2026-04-28T16:14:31.716Z |
| cve-2025-68836 | 7.1 (v3.1) | WordPress Table of Contents Creator plugin <= 1.6.4.1 … |
Markbeljaars |
Table of Contents Creator |
2026-03-19T08:33:02.946Z | 2026-04-28T16:14:31.682Z |
| cve-2025-68834 | 7.5 (v3.1) | WordPress Sync Master Sheet – Product Sync with Google… |
Saiful Islam |
Sync Master Sheet – Product Sync with Google Sheet for WooCommerce |
2026-02-20T15:46:41.323Z | 2026-04-28T16:14:31.350Z |
| cve-2025-68595 | 5.3 (v3.1) | WordPress Widgets for Social Photo Feed plugin <= 1.8 … |
Trustindex |
Widgets for Social Photo Feed |
2025-12-24T13:10:44.856Z | 2026-04-28T16:14:31.316Z |
| cve-2025-68608 | 7.5 (v3.1) | WordPress Userpro plugin <= 5.1.9 - Broken Access Cont… |
DeluxeThemes |
Userpro |
2025-12-24T12:31:31.259Z | 2026-04-28T16:14:31.313Z |
| cve-2025-68601 | 5.4 (v3.1) | WordPress Five Star Restaurant Reservations plugin <= … |
Rustaurius |
Five Star Restaurant Reservations |
2025-12-24T13:10:46.860Z | 2026-04-28T16:14:31.310Z |
| cve-2025-68603 | 5.4 (v3.1) | WordPress Editorial Calendar plugin <= 3.8.8 - Broken … |
Marketing Fire |
Editorial Calendar |
2025-12-24T13:10:47.744Z | 2026-04-28T16:14:31.304Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000807 | FileMaker cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000806 | Feed2JS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000805 | RoundCube Webmail cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000804 | Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000803 | Cross-site scripting vulnerability in updir.php in UPDIR.NET | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000802 | Lotus Domino cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000801 | NetCommons cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000779 | MouseoverDictionary vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000745 | PowerArchiver buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000730 | Webmin OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000729 | Aipo session fixation vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000727 | Safari allows access from HTTP to HTTPS | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000712 | Cosminexus Agent Process Crash Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000711 | TPBroker Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000710 | Cosminexus Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000702 | Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000701 | Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000700 | Cosminexus javadoc Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000699 | JP1/NETM/DM Manager SQL Injection Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000697 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000678 | Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000647 | Fuktommy.com httpd.pl included in its HTML preprocessor vulnerable in allowing an attacker to view arbitrary CGI source code | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000646 | Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000645 | 7-ZIP32.DLL buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000640 | Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000639 | Shopping Basket Pro directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000626 | Mayaa cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000625 | Tuigwaa cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000598 | Apache Tomcat Host Manager cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000572 | WebCart cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0860 | Multiples vulnérabilités dans Oracle Database Server | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0859 | Multiples vulnérabilités dans Moodle | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0858 | Vulnérabilité dans Elastic Endpoint | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0857 | Vulnérabilité dans Sophos Firewall | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0856 | Vulnérabilité dans Google Chrome | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0855 | Vulnérabilité dans Aruba Networking AirWave Management Platform | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0854 | Multiples vulnérabilités dans Moodle | 2023-10-17T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0853 | Vulnérabilité dans Roundcube Webmail | 2023-10-17T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0852 | Multiples vulnérabilités dans SonicWall SonicOS | 2023-10-17T00:00:00.000000 | 2023-10-17T00:00:00.000000 |
| certfr-2023-avi-0851 | Vulnérabilité dans Stormshield Management Center | 2023-10-16T00:00:00.000000 | 2023-10-16T00:00:00.000000 |
| certfr-2023-avi-0850 | Multiples vulnérabilités dans les produits Nextcloud | 2023-10-16T00:00:00.000000 | 2023-10-16T00:00:00.000000 |
| certfr-2023-avi-0849 | Multiples vulnérabilités dans AXIS OS | 2023-10-16T00:00:00.000000 | 2023-10-16T00:00:00.000000 |
| certfr-2023-avi-0848 | Multiples vulnérabilités dans Microsoft Edge | 2023-10-16T00:00:00.000000 | 2023-10-16T00:00:00.000000 |
| certfr-2023-avi-0847 | Vulnérabilité dans Grafana | 2023-10-16T00:00:00.000000 | 2023-10-16T00:00:00.000000 |
| certfr-2023-avi-0846 | Multiples vulnérabilités dans les produits Qnap | 2023-10-16T00:00:00.000000 | 2023-10-16T00:00:00.000000 |
| certfr-2023-avi-0845 | Vulnérabilité dans Nextcloud Server | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0844 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0843 | Vulnérabilité dans les produits Symantec | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0842 | Multiples vulnérabilités dans WordPress | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0841 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0840 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0839 | Multiples vulnérabilités dans les produits IBM | 2023-10-13T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0832 | Multiples vulnérabilités dans Apache Tomcat | 2023-10-12T00:00:00.000000 | 2023-10-13T00:00:00.000000 |
| certfr-2023-avi-0838 | Multiples vulnérabilités dans les produits Apple | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |
| certfr-2023-avi-0837 | Multiples vulnérabilités dans les produits F5 | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |
| certfr-2023-avi-0836 | Multiples vulnérabilités dans les produits Juniper | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |
| certfr-2023-avi-0835 | Vulnérabilité dans Palo Alto Networks Cortex XSOAR | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |
| certfr-2023-avi-0834 | Multiples vulnérabilités dans Xen | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |
| certfr-2023-avi-0833 | Multiples vulnérabilités dans les produits Adobe | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |
| certfr-2023-avi-0831 | Multiples vulnérabilités dans Samba | 2023-10-12T00:00:00.000000 | 2023-10-12T00:00:00.000000 |