Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68885 | 7.1 (v3.1) | WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
page-carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2026-04-28T16:14:32.692Z |
| cve-2025-68897 | 9.9 (v3.1) | WordPress IF AS Shortcode plugin <= 1.2 - Remote Code … |
Mohammad I. Okfie |
IF AS Shortcode |
2025-12-29T15:55:13.564Z | 2026-04-28T16:14:32.691Z |
| cve-2025-68893 | 4.9 (v3.1) | WordPress WordPress Image shrinker plugin <= 1.1.0 - S… |
HETWORKS |
WordPress Image shrinker |
2025-12-29T15:56:47.504Z | 2026-04-28T16:14:32.690Z |
| cve-2025-68902 | 7.5 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Download… |
AivahThemes |
Anona |
2026-01-22T16:52:12.937Z | 2026-04-28T16:14:32.689Z |
| cve-2025-68901 | 8.6 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Deletion… |
AivahThemes |
Anona |
2026-01-22T16:52:12.738Z | 2026-04-28T16:14:32.370Z |
| cve-2025-68882 | 7.5 (v3.1) | WordPress Scalenut plugin <= 1.1.5 - Broken Access Con… |
Scalenut |
Scalenut |
2026-01-22T16:52:11.129Z | 2026-04-28T16:14:32.333Z |
| cve-2025-68878 | 7.1 (v3.1) | WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflec… |
prasadkirpekar |
Advanced Custom CSS |
2025-12-29T16:00:20.652Z | 2026-04-28T16:14:32.167Z |
| cve-2025-68879 | 7.1 (v3.1) | WordPress Content Grid Slider plugin <= 1.5 - Reflecte… |
councilsoft |
Content Grid Slider |
2025-12-29T15:58:57.851Z | 2026-04-28T16:14:32.164Z |
| cve-2025-68870 | 7.5 (v3.1) | WordPress CookieHint WP plugin <= 1.0.0 - Local File I… |
reDim GmbH |
CookieHint WP |
2025-12-29T16:09:05.270Z | 2026-04-28T16:14:32.148Z |
| cve-2025-68876 | 7.1 (v3.1) | WordPress Invelity SPS connect plugin <= 1.0.8 - Refle… |
INVELITY |
Invelity SPS connect |
2025-12-29T16:05:23.287Z | 2026-04-28T16:14:32.135Z |
| cve-2025-68875 | 6.5 (v3.1) | WordPress Flaming Password Reset plugin <= 1.0.3 - Cro… |
jcaruso001 |
Flaming Password Reset |
2026-01-08T09:17:52.299Z | 2026-04-28T16:14:32.134Z |
| cve-2025-68877 | 7.5 (v3.1) | WordPress CedCommerce Integration for Good Market plug… |
cedcommerce |
CedCommerce Integration for Good Market |
2025-12-29T16:03:22.206Z | 2026-04-28T16:14:32.129Z |
| cve-2025-68861 | 7.1 (v3.1) | WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac… |
pluginoptimizer |
Plugin Optimizer |
2025-12-29T17:23:08.542Z | 2026-04-28T16:14:32.113Z |
| cve-2025-68865 | 9.3 (v3.1) | WordPress Infility Global plugin <= 2.15.06 - SQL Inje… |
Infility |
Infility Global |
2026-01-05T10:44:34.184Z | 2026-04-28T16:14:32.112Z |
| cve-2025-68868 | 6.5 (v3.1) | WordPress Wp Text Slider Widget plugin <= 1.0 - Cross … |
codeaffairs |
Wp Text Slider Widget |
2025-12-29T16:12:32.664Z | 2026-04-28T16:14:32.108Z |
| cve-2025-68860 | 9.8 (v3.1) | WordPress Mobile builder plugin <= 1.4.2 - Broken Auth… |
Mobile Builder |
Mobile builder |
2025-12-29T21:08:56.358Z | 2026-04-28T16:14:31.983Z |
| cve-2025-68852 | 7.1 (v3.1) | WordPress Court Reservation plugin <= 1.10.13 - Cross … |
webmuehle |
Court Reservation |
2026-02-20T15:46:43.282Z | 2026-04-28T16:14:31.798Z |
| cve-2025-68837 | 6.5 (v3.1) | WordPress ELEX WordPress HelpDesk & Customer Ticketing… |
ELEXtensions |
ELEX WordPress HelpDesk & Customer Ticketing System |
2026-02-20T15:46:41.507Z | 2026-04-28T16:14:31.735Z |
| cve-2025-68853 | 8.8 (v3.1) | WordPress Contact Manager plugin <= 9.1.1 - PHP Object… |
Kleor |
Contact Manager |
2026-02-20T15:46:43.488Z | 2026-04-28T16:14:31.716Z |
| cve-2025-68836 | 7.1 (v3.1) | WordPress Table of Contents Creator plugin <= 1.6.4.1 … |
Markbeljaars |
Table of Contents Creator |
2026-03-19T08:33:02.946Z | 2026-04-28T16:14:31.682Z |
| cve-2025-68834 | 7.5 (v3.1) | WordPress Sync Master Sheet – Product Sync with Google… |
Saiful Islam |
Sync Master Sheet – Product Sync with Google Sheet for WooCommerce |
2026-02-20T15:46:41.323Z | 2026-04-28T16:14:31.350Z |
| cve-2025-68595 | 5.3 (v3.1) | WordPress Widgets for Social Photo Feed plugin <= 1.8 … |
Trustindex |
Widgets for Social Photo Feed |
2025-12-24T13:10:44.856Z | 2026-04-28T16:14:31.316Z |
| cve-2025-68608 | 7.5 (v3.1) | WordPress Userpro plugin <= 5.1.9 - Broken Access Cont… |
DeluxeThemes |
Userpro |
2025-12-24T12:31:31.259Z | 2026-04-28T16:14:31.313Z |
| cve-2025-68601 | 5.4 (v3.1) | WordPress Five Star Restaurant Reservations plugin <= … |
Rustaurius |
Five Star Restaurant Reservations |
2025-12-24T13:10:46.860Z | 2026-04-28T16:14:31.310Z |
| cve-2025-68603 | 5.4 (v3.1) | WordPress Editorial Calendar plugin <= 3.8.8 - Broken … |
Marketing Fire |
Editorial Calendar |
2025-12-24T13:10:47.744Z | 2026-04-28T16:14:31.304Z |
| cve-2025-68606 | 5.3 (v3.1) | WordPress PostX plugin <= 5.0.3 - Sensitive Data Expos… |
WPXPO |
PostX |
2025-12-24T13:10:48.784Z | 2026-04-28T16:14:31.303Z |
| cve-2025-68602 | 4.7 (v3.1) | WordPress Accept Donations with PayPal plugin <= 1.5.2… |
Scott Paterson |
Accept Donations with PayPal & Stripe |
2025-12-24T13:10:47.134Z | 2026-04-28T16:14:31.300Z |
| cve-2025-68599 | 6.5 (v3.1) | WordPress YouTube Embed plugin <= 5.4 - Cross Site Scr… |
Embeds For YouTube Plugin Support |
YouTube Embed |
2025-12-24T13:10:46.247Z | 2026-04-28T16:14:31.285Z |
| cve-2025-68605 | 6.5 (v3.1) | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3… |
PickPlugins |
Post Grid and Gutenberg Blocks |
2025-12-24T13:10:48.261Z | 2026-04-28T16:14:31.280Z |
| cve-2025-68597 | 6.5 (v3.1) | WordPress Jobs for WordPress plugin <= 2.8.1 - Cross S… |
BlueGlass Interactive AG |
Jobs for WordPress |
2025-12-24T13:10:45.718Z | 2026-04-28T16:14:31.280Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000215 | FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000200 | Trac cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000199 | CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000176 | Mozilla Firefox cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000165 | Ariel AirOne series cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000161 | ColdFusion error page cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000160 | ColdFusion cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000159 | Adobe JRun cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000135 | CCC Cleaner buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000134 | Sage vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000127 | CCC Cleaner buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000094 | MODx cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000093 | Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000091 | Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000090 | b2evolution cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000088 | Shopping Basket Professional vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000087 | CGI RESCUE WebFORM missing mail content vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000086 | CGI RESCUE WebFORM vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000085 | CGI RESCUE WebFORM vulnerable to HTTP header injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000074 | phpAdsNew cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000073 | Movable Type cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000071 | Fresh Reader RSS feed cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000070 | Drupal cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000006 | Serene Bach cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000983 | JP1 Request Handling Denial of Service Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000975 | Hitachi Soumu Workflow Authentication Bypassing Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000939 | Multiple vulnerabilities in Webmin and Usermin | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000938 | Webmin directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000858 | Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000853 | tDiary arbitrary Ruby script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0809 | Vulnérabilité dans les produits NetApp | 2023-10-05T00:00:00.000000 | 2023-10-05T00:00:00.000000 |
| certfr-2023-avi-0808 | Vulnérabilité dans Wireshark | 2023-10-05T00:00:00.000000 | 2023-10-05T00:00:00.000000 |
| certfr-2023-avi-0806 | Multiples vulnérabilités dans les produits Apple | 2023-10-05T00:00:00.000000 | 2023-10-05T00:00:00.000000 |
| certfr-2023-avi-0805 | Multiples vulnérabilités dans les produits Cisco | 2023-10-05T00:00:00.000000 | 2023-10-05T00:00:00.000000 |
| certfr-2023-avi-0804 | Vulnérabilité dans GNU LIBC | 2023-10-05T00:00:00.000000 | 2023-10-05T00:00:00.000000 |
| certfr-2023-avi-0802 | Vulnérabilité dans les produits Moxa | 2023-10-04T00:00:00.000000 | 2023-10-04T00:00:00.000000 |
| certfr-2023-avi-0801 | Multiples vulnérabilités dans les produits IBM | 2023-10-04T00:00:00.000000 | 2023-10-04T00:00:00.000000 |
| certfr-2023-avi-0800 | Vulnérabilité dans Google Chrome | 2023-10-04T00:00:00.000000 | 2023-10-04T00:00:00.000000 |
| certfr-2023-avi-0799 | Vulnérabilité dans les produits Microsoft | 2023-10-03T00:00:00.000000 | 2023-10-03T00:00:00.000000 |
| certfr-2023-avi-0798 | Multiples vulnérabilités dans les produits IBM | 2023-10-03T00:00:00.000000 | 2023-10-03T00:00:00.000000 |
| certfr-2023-avi-0797 | Multiples vulnérabilités dans Microsoft Edge | 2023-10-02T00:00:00.000000 | 2023-10-02T00:00:00.000000 |
| certfr-2023-avi-0796 | Vulnérabilité dans Mozilla Thunderbird | 2023-10-02T00:00:00.000000 | 2023-10-02T00:00:00.000000 |
| certfr-2023-avi-0795 | Vulnérabilité dans Cisco IOS et IOS XE | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0794 | Vulnérabilité dans Mozilla Firefox | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0793 | Multiples vulnérabilités dans Progress WS_FTP Server | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0792 | Multiples vulnérabilités dans GitLab | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0791 | Multiples vulnérabilités dans les produits IBM | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0790 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0789 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-09-29T00:00:00.000000 | 2023-09-29T00:00:00.000000 |
| certfr-2023-avi-0788 | Multiples vulnérabilités dans les produits Cisco | 2023-09-28T00:00:00.000000 | 2023-09-28T00:00:00.000000 |
| certfr-2023-avi-0787 | Multiples vulnérabilités dans Google Chrome | 2023-09-28T00:00:00.000000 | 2023-09-28T00:00:00.000000 |
| certfr-2023-avi-0785 | Multiples vulnérabilités dans les produits Belden | 2023-09-27T00:00:00.000000 | 2023-09-27T00:00:00.000000 |
| certfr-2023-avi-0784 | Multiples vulnérabilités dans les produits Apple | 2023-09-27T00:00:00.000000 | 2023-09-27T00:00:00.000000 |
| certfr-2023-avi-0783 | Multiples vulnérabilités dans les produits Mozilla | 2023-09-27T00:00:00.000000 | 2023-09-27T00:00:00.000000 |
| certfr-2023-avi-0782 | Vulnérabilité dans Symantec Protection Engine | 2023-09-27T00:00:00.000000 | 2023-09-27T00:00:00.000000 |
| certfr-2023-avi-0781 | Vulnérabilité dans VMware Aria Operations | 2023-09-27T00:00:00.000000 | 2023-09-27T00:00:00.000000 |
| certfr-2023-avi-0780 | Vulnérabilité dans Elasticsearch | 2023-09-26T00:00:00.000000 | 2023-09-26T00:00:00.000000 |
| certfr-2023-avi-0779 | Vulnérabilité dans PostgreSQL pgAdmin | 2023-09-26T00:00:00.000000 | 2023-09-26T00:00:00.000000 |
| certfr-2023-avi-0778 | Vulnérabilité dans Xen | 2023-09-26T00:00:00.000000 | 2023-09-26T00:00:00.000000 |
| certfr-2023-avi-0777 | Vulnérabilité dans Synology SRM | 2023-09-25T00:00:00.000000 | 2023-09-25T00:00:00.000000 |