Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68527 | 6.5 (v3.1) | WordPress Academy LMS plugin <= 3.4.0 - Cross Site Scr… |
Kodezen LLC |
Academy LMS |
2025-12-24T12:31:25.030Z | 2026-04-28T16:14:29.593Z |
| cve-2025-68540 | 7.5 (v3.1) | WordPress Fana theme <= 1.1.35 - Local File Inclusion … |
thembay |
Fana |
2025-12-24T12:31:27.748Z | 2026-04-28T16:14:29.564Z |
| cve-2025-68537 | 7.5 (v3.1) | WordPress Zota theme <= 1.3.14 - Local File Inclusion … |
thembay |
Zota |
2025-12-24T12:31:27.277Z | 2026-04-28T16:14:29.564Z |
| cve-2025-68525 | 5.9 (v3.1) | WordPress Category Icon plugin <= 1.0.2 - Cross Site S… |
pixelgrade |
Category Icon |
2025-12-24T12:31:24.777Z | 2026-04-28T16:14:29.559Z |
| cve-2025-68530 | 7.5 (v3.1) | WordPress Bookory theme <= 2.2.7 - Local File Inclusio… |
pavothemes |
Bookory |
2025-12-24T12:31:26.200Z | 2026-04-28T16:14:29.533Z |
| cve-2025-68528 | 6.5 (v3.1) | WordPress Free Shipping Bar: Amount Left for Free Ship… |
WPFactory |
Free Shipping Bar: Amount Left for Free Shipping for WooCommerce |
2025-12-24T12:31:25.572Z | 2026-04-28T16:14:29.525Z |
| cve-2025-68533 | 6.5 (v3.1) | WordPress WC Builder plugin <= 1.2.0 - Cross Site Scri… |
HasThemes |
WC Builder |
2025-12-24T12:31:26.717Z | 2026-04-28T16:14:29.524Z |
| cve-2025-68532 | 6.5 (v3.1) | WordPress ModelTheme Addons for WPBakery and Elementor… |
modeltheme |
ModelTheme Addons for WPBakery and Elementor |
2025-12-24T12:31:26.464Z | 2026-04-28T16:14:29.511Z |
| cve-2025-68523 | 4.3 (v3.1) | WordPress Spiffy Calendar plugin <= 5.0.7 - Broken Acc… |
Spiffy Plugins |
Spiffy Calendar |
2025-12-24T12:31:24.167Z | 2026-04-28T16:14:29.274Z |
| cve-2025-68522 | 4.3 (v3.1) | WordPress WpStream plugin <= 4.9.5 - Broken Access Con… |
wpstream |
WpStream |
2025-12-24T12:31:23.576Z | 2026-04-28T16:14:29.218Z |
| cve-2025-68519 | 8.5 (v3.1) | WordPress Brands for WooCommerce plugin <= 3.8.6.3 - S… |
BeRocket |
Brands for WooCommerce |
2025-12-24T12:31:22.910Z | 2026-04-28T16:14:29.187Z |
| cve-2025-68521 | 5.3 (v3.1) | WordPress WpStream plugin <= 4.9.5 - Broken Access Con… |
wpstream |
WpStream |
2025-12-24T12:31:23.159Z | 2026-04-28T16:14:29.184Z |
| cve-2025-68516 | 5 (v3.1) | WordPress Tablesome plugin <= 1.1.35.1 - Sensitive Dat… |
Essekia |
Tablesome |
2025-12-24T12:31:22.368Z | 2026-04-28T16:14:29.140Z |
| cve-2025-68513 | 6.5 (v3.1) | WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross S… |
boldthemes |
Bold Timeline Lite |
2025-12-24T12:31:22.085Z | 2026-04-28T16:14:29.133Z |
| cve-2025-68517 | 5.4 (v3.1) | WordPress Tablesome plugin <= 1.1.35.1 - Broken Access… |
Essekia |
Tablesome |
2025-12-24T12:31:22.624Z | 2026-04-28T16:14:29.128Z |
| cve-2025-68511 | 6.5 (v3.1) | WordPress Gutenverse Form plugin <= 2.3.1 - Broken Acc… |
Jegstudio |
Gutenverse Form |
2025-12-24T12:31:21.523Z | 2026-04-28T16:14:29.127Z |
| cve-2025-68512 | 6.5 (v3.1) | WordPress Real 3D FlipBook plugin <= 4.11.4 - Cross Si… |
creativeinteractivemedia |
Real 3D FlipBook |
2025-12-24T12:31:21.792Z | 2026-04-28T16:14:29.101Z |
| cve-2025-68507 | 6.5 (v3.1) | WordPress Icegram plugin <= 3.1.35 - Broken Access Con… |
Icegram |
Icegram |
2026-01-22T16:52:07.377Z | 2026-04-28T16:14:29.087Z |
| cve-2025-68504 | 6.5 (v3.1) | WordPress JetSearch plugin <= 3.5.16 - Cross Site Scri… |
Crocoblock |
JetSearch |
2025-12-29T21:14:40.576Z | 2026-04-28T16:14:29.082Z |
| cve-2025-68505 | 5.3 (v3.1) | WordPress H5P plugin <= 1.16.1 - Broken Access Control… |
icc0rz |
H5P |
2025-12-24T12:31:20.714Z | 2026-04-28T16:14:29.071Z |
| cve-2025-68508 | 5.3 (v3.1) | WordPress Brave plugin <= 0.8.3 - Broken Access Contro… |
Brave |
Brave |
2025-12-24T12:31:20.967Z | 2026-04-28T16:14:28.953Z |
| cve-2025-68502 | 4.3 (v3.1) | WordPress JetPopup plugin <= 2.0.20.1 - Insecure Direc… |
Crocoblock |
JetPopup |
2025-12-29T21:16:55.539Z | 2026-04-28T16:14:28.908Z |
| cve-2025-68506 | 8.1 (v3.1) | WordPress Docket Cache plugin <= 24.07.03 - Local File… |
Nawawi Jamili |
Docket Cache |
2025-12-24T13:10:26.727Z | 2026-04-28T16:14:28.879Z |
| cve-2025-68509 | 4.7 (v3.1) | WordPress User Submitted Posts plugin <= 20251121 - Op… |
Jeff Starr |
User Submitted Posts |
2025-12-24T12:31:21.266Z | 2026-04-28T16:14:28.876Z |
| cve-2025-68500 | 4.9 (v3.1) | WordPress Prime Slider – Addons For Elementor plugin <… |
bdthemes |
Prime Slider – Addons For Elementor |
2025-12-24T12:31:20.426Z | 2026-04-28T16:14:28.870Z |
| cve-2025-68503 | 6.5 (v3.1) | WordPress JetBlog plugin <= 2.4.7 - Broken Access Cont… |
Crocoblock |
JetBlog |
2025-12-29T21:15:43.312Z | 2026-04-28T16:14:28.840Z |
| cve-2025-68498 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Broken Access Con… |
Crocoblock |
JetTabs |
2025-12-29T23:13:35.444Z | 2026-04-28T16:14:28.789Z |
| cve-2025-68499 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Cross Site Script… |
Crocoblock |
JetTabs |
2025-12-29T23:10:45.157Z | 2026-04-28T16:14:28.744Z |
| cve-2025-68497 | 5.9 (v3.1) | WordPress Astra Widgets plugin <= 1.2.16 - Cross Site … |
Brainstorm Force |
Astra Widgets |
2025-12-24T12:31:19.996Z | 2026-04-28T16:14:28.741Z |
| cve-2025-68496 | 7.6 (v3.1) | WordPress User Feedback plugin <= 1.10.0 - SQL Injecti… |
Syed Balkhi |
User Feedback |
2025-12-24T12:31:19.688Z | 2026-04-28T16:14:28.673Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2006-000615 | Apache Struts Validator allows to bypass input data validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000614 | Winny buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000613 | Trac cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000612 | FreeStyleWiki cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000611 | QUICK CART cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000610 | QUICK CART OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000609 | CAFEMILK Shopping Cart CGI cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000606 | Minnu's filer2 vulnerable in allowing arbitrary Ruby script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000605 | Hyper NIKKI System allows unauthorized email submission | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000604 | Nagasaki Electronic Prefectural Office System SQL injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000603 | Hatena Toolbar sends URL information unecnrypted | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000602 | Multiple email clients vulnerable in handling an attachement inapropriately | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000601 | Eudora Japanese version stops working after the application crashes | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000600 | Nagasaki Electronic Prefectural Office System authentication information vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000599 | Nagasaki Electronic Prefectural Office System vulnerable to bypass authentication | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000540 | Microsoft Windows Indexing Service cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000392 | Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox. | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000345 | Microsoft Internet Explorer address bar spoofing vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000326 | Mozilla Firefox vulnerable to HTTP response splitting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000293 | Sun Java System Web Server cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000251 | SquirrelMail cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000864 | XOOPS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000805 | nProtect Netizen has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000802 | BBSNote cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000801 | WebNote Clip vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000800 | Opera bookmark function vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000799 | Problem with referer header handling on mobile phone web browsers | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000798 | MitakeSearch cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000797 | Multiple vulnerabilities in FreeStyleWiki including cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000796 | Multiple vulnerabilities in FreeStyleWiki including cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0716 | Vulnérabilité dans Wallix Bastion | 2023-09-07T00:00:00.000000 | 2023-09-07T00:00:00.000000 |
| certfr-2023-avi-0715 | Multiples vulnérabilités dans les produits Cisco | 2023-09-07T00:00:00.000000 | 2023-09-07T00:00:00.000000 |
| certfr-2023-avi-0714 | Multiples vulnérabilités dans Nagios XI | 2023-09-06T00:00:00.000000 | 2023-09-06T00:00:00.000000 |
| certfr-2023-avi-0713 | Vulnérabilité dans Xen | 2023-09-06T00:00:00.000000 | 2023-09-06T00:00:00.000000 |
| certfr-2023-avi-0712 | Multiples vulnérabilités dans Google Chrome | 2023-09-06T00:00:00.000000 | 2023-09-06T00:00:00.000000 |
| certfr-2023-avi-0711 | Multiples vulnérabilités dans Android | 2023-09-06T00:00:00.000000 | 2023-09-06T00:00:00.000000 |
| certfr-2023-avi-0710 | Multiples vulnérabilités dans SolarWinds Serv-U | 2023-09-05T00:00:00.000000 | 2023-09-05T00:00:00.000000 |
| certfr-2023-avi-0709 | Vulnérabilité dans Microsoft Edge | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0708 | Multiples vulnérabilités dans Moxa MXSecurity | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0707 | Multiples vulnérabilités dans GitLab | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0706 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0705 | Multiples vulnérabilités dans les produits IBM | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0704 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0703 | Multiples vulnérabilités dans Thunderbird | 2023-09-01T00:00:00.000000 | 2023-09-01T00:00:00.000000 |
| certfr-2023-avi-0702 | Vulnérabilité dans VMware Tools | 2023-08-31T00:00:00.000000 | 2023-08-31T00:00:00.000000 |
| certfr-2023-avi-0701 | Multiples vulnérabilités dans Splunk | 2023-08-31T00:00:00.000000 | 2023-08-31T00:00:00.000000 |
| certfr-2023-avi-0700 | Multiples vulnérabilités dans Aruba ArubaOS-Switch | 2023-08-30T00:00:00.000000 | 2023-08-30T00:00:00.000000 |
| certfr-2023-avi-0699 | Multiples vulnérabilités dans Trend Micro Mobile Security | 2023-08-30T00:00:00.000000 | 2023-08-30T00:00:00.000000 |
| certfr-2023-avi-0698 | Multiples vulnérabilités Tenable Nessus | 2023-08-30T00:00:00.000000 | 2023-08-30T00:00:00.000000 |
| certfr-2023-avi-0697 | Multiples vulnérabilités dans VMware Aria Operations for Networks | 2023-08-30T00:00:00.000000 | 2023-08-30T00:00:00.000000 |
| certfr-2023-avi-0696 | Vulnérabilité dans Juniper Junos-OS | 2023-08-30T00:00:00.000000 | 2023-08-30T00:00:00.000000 |
| certfr-2023-avi-0694 | Vulnérabilité dans les produits ClamAV | 2023-08-29T00:00:00.000000 | 2023-08-29T00:00:00.000000 |
| certfr-2023-avi-0693 | Vulnérabilité dans Synology SSL VPN Client | 2023-08-29T00:00:00.000000 | 2023-08-29T00:00:00.000000 |
| certfr-2023-avi-0692 | Vulnérabilité dans MISP | 2023-08-29T00:00:00.000000 | 2023-08-29T00:00:00.000000 |
| certfr-2023-avi-0691 | Vulnérabilité dans Apache Tomcat | 2023-08-28T00:00:00.000000 | 2023-08-28T00:00:00.000000 |
| certfr-2023-avi-0690 | Multiples vulnérabilités dans Microsoft Edge | 2023-08-28T00:00:00.000000 | 2023-08-28T00:00:00.000000 |
| certfr-2023-avi-0689 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-08-25T00:00:00.000000 | 2023-08-25T00:00:00.000000 |
| certfr-2023-avi-0688 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-08-25T00:00:00.000000 | 2023-08-25T00:00:00.000000 |
| certfr-2023-avi-0687 | Multiples vulnérabilités dans le noyau Linux de Debian | 2023-08-25T00:00:00.000000 | 2023-08-25T00:00:00.000000 |
| certfr-2023-avi-0686 | Multiples vulnérabilités dans les produits IBM | 2023-08-25T00:00:00.000000 | 2023-08-25T00:00:00.000000 |