Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-66104 | 6.5 (v3.1) | WordPress Offload, AI & Optimize with Cloudflare Image… |
Anton Vanyukov |
Offload, AI & Optimize with Cloudflare Images |
2025-12-18T07:22:18.646Z | 2026-04-28T16:14:17.064Z |
| cve-2025-66103 | 6.5 (v3.1) | WordPress WPCal.io plugin <= 0.9.5.9 - Cross Site Scri… |
revmakx |
WPCal.io |
2025-12-30T16:43:38.792Z | 2026-04-28T16:14:17.060Z |
| cve-2025-66101 | 4.3 (v3.1) | WordPress CBX Bookmark & Favorite plugin <= 2.0.1 - Br… |
Sabuj Kundu |
CBX Bookmark & Favorite |
2025-11-21T12:30:01.600Z | 2026-04-28T16:14:16.998Z |
| cve-2025-66097 | 4.3 (v3.1) | WordPress I Order Terms plugin <= 1.5.0 - Cross Site R… |
Igor Jerosimić |
I Order Terms |
2025-11-21T12:29:59.986Z | 2026-04-28T16:14:16.976Z |
| cve-2025-66096 | 4.3 (v3.1) | WordPress Table Block by Tableberg plugin <= 0.6.9 - B… |
Imtiaz Rayhan |
Table Block by Tableberg |
2025-11-21T12:29:59.819Z | 2026-04-28T16:14:16.817Z |
| cve-2025-66085 | 4.3 (v3.1) | WordPress Arconix Shortcodes plugin <= 2.1.18 - Broken… |
tychesoftwares |
Arconix Shortcodes |
2025-11-21T12:29:58.133Z | 2026-04-28T16:14:16.569Z |
| cve-2025-66083 | 5.3 (v3.1) | WordPress WpEvently plugin <= 5.0.4 - Broken Access Co… |
magepeopleteam |
WpEvently |
2025-11-21T12:29:57.750Z | 2026-04-28T16:14:16.564Z |
| cve-2025-66095 | 8.5 (v3.1) | WordPress KiviCare plugin <= 3.6.13 - SQL Injection vu… |
Iqonic Design |
KiviCare |
2025-11-21T12:29:59.655Z | 2026-04-28T16:14:16.559Z |
| cve-2025-66081 | 5.9 (v3.1) | WordPress Head Meta Data plugin <= 20250327 - Cross Si… |
Jeff Starr |
Head Meta Data |
2025-11-21T12:29:57.410Z | 2026-04-28T16:14:16.531Z |
| cve-2025-66087 | 4.3 (v3.1) | WordPress PropertyHive plugin <= 2.1.12 - Broken Acces… |
Property Hive |
PropertyHive |
2025-11-21T12:29:58.540Z | 2026-04-28T16:14:16.481Z |
| cve-2025-66088 | 7.5 (v3.1) | WordPress PropertyHive plugin <= 2.1.12 - Broken Acces… |
Property Hive |
PropertyHive |
2025-12-18T07:22:18.084Z | 2026-04-28T16:14:16.407Z |
| cve-2025-66089 | 4.3 (v3.1) | WordPress Product Feed for WooCommerce plugin <= 2.3.1… |
WebToffee |
Product Feed for WooCommerce |
2025-11-21T12:29:58.741Z | 2026-04-28T16:14:16.399Z |
| cve-2025-66080 | 5.3 (v3.1) | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy C… |
WP Legal Pages |
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent |
2025-12-30T16:10:40.664Z | 2026-04-28T16:14:16.397Z |
| cve-2025-66086 | 5.3 (v3.1) | WordPress SMS Alert Order Notifications plugin <= 3.8.… |
Cozy Vision |
SMS Alert Order Notifications |
2025-11-21T12:29:58.296Z | 2026-04-28T16:14:16.345Z |
| cve-2025-66078 | 9.1 (v3.1) | WordPress Hotel Booking Lite plugin <= 5.2.3 - Remote … |
jetmonsters |
Hotel Booking Lite |
2025-12-18T07:22:17.890Z | 2026-04-28T16:14:16.343Z |
| cve-2025-66094 | 6.5 (v3.1) | WordPress Yada Wiki plugin <= 3.5 - Cross Site Scripti… |
dmccan |
Yada Wiki |
2025-12-30T16:17:26.055Z | 2026-04-28T16:14:16.334Z |
| cve-2025-66082 | 5.3 (v3.1) | WordPress WpEvently plugin <= 5.0.4 - Broken Access Co… |
magepeopleteam |
WpEvently |
2025-11-21T12:29:57.578Z | 2026-04-28T16:14:16.333Z |
| cve-2025-66084 | 4.3 (v3.1) | WordPress FluentCommunity plugin <= 2.0.0 - Broken Acc… |
Shahjahan Jewel |
FluentCommunity |
2025-11-21T12:29:57.920Z | 2026-04-28T16:14:16.325Z |
| cve-2025-66075 | 4.3 (v3.1) | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy C… |
WP Legal Pages |
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent |
2025-11-21T12:29:56.896Z | 2026-04-28T16:14:16.264Z |
| cve-2025-66077 | 5.3 (v3.1) | WordPress Legal Pages plugin <= 1.4.6 - Broken Access … |
wpWax |
Legal Pages |
2025-11-21T12:29:57.063Z | 2026-04-28T16:14:16.240Z |
| cve-2025-66072 | 5.3 (v3.1) | WordPress UsersWP plugin <= 1.2.47 - Broken Access Con… |
Stiofan |
UsersWP |
2025-11-21T12:29:56.382Z | 2026-04-28T16:14:15.864Z |
| cve-2025-66067 | 6.5 (v3.1) | WordPress Funnel Builder by FunnelKit plugin <= 3.13.1… |
Aman |
Funnel Builder by FunnelKit |
2025-11-21T12:29:55.849Z | 2026-04-28T16:14:15.817Z |
| cve-2025-66070 | 7.5 (v3.1) | WordPress wpForo Forum plugin <= 2.4.10 - Broken Acces… |
Tomdever |
wpForo Forum |
2025-12-18T07:22:17.491Z | 2026-04-28T16:14:15.778Z |
| cve-2025-66074 | 9 (v3.1) | WordPress WP Webhooks plugin <= 3.3.8 - Arbitrary File… |
Cozmoslabs |
WP Webhooks |
2025-12-18T07:22:17.689Z | 2026-04-28T16:14:15.776Z |
| cve-2025-66073 | 7.2 (v3.1) | WordPress WP Webhooks plugin <= 3.3.8 - PHP Object Inj… |
Cozmoslabs |
WP Webhooks |
2025-11-21T12:29:56.667Z | 2026-04-28T16:14:15.776Z |
| cve-2025-66066 | 6.5 (v3.1) | WordPress Envo Extra plugin <= 1.9.11 - Cross Site Scr… |
EnvoThemes |
Envo Extra |
2025-11-21T12:29:55.680Z | 2026-04-28T16:14:15.744Z |
| cve-2025-66069 | 4.3 (v3.1) | WordPress PPOM for WooCommerce plugin <= 33.0.16 - Bro… |
Themeisle |
PPOM for WooCommerce |
2025-11-21T12:29:56.025Z | 2026-04-28T16:14:15.729Z |
| cve-2025-66068 | 6.5 (v3.1) | WordPress InstaWP Connect plugin <= 0.1.1.9 - Broken A… |
InstaWP |
InstaWP Connect |
2025-12-18T07:22:17.312Z | 2026-04-28T16:14:15.712Z |
| cve-2025-66065 | 6.5 (v3.1) | WordPress Gutenverse plugin <= 3.2.1 - Broken Access C… |
Jegstudio |
Gutenverse |
2025-11-21T12:29:55.513Z | 2026-04-28T16:14:15.667Z |
| cve-2025-66064 | 4.3 (v3.1) | WordPress Giveaways and Contests by RafflePress plugin… |
Syed Balkhi |
Giveaways and Contests by RafflePress |
2025-11-21T12:29:55.338Z | 2026-04-28T16:14:15.601Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0264 | Multiples vulnérabilités dans Nextcloud Server | 2023-03-27T00:00:00.000000 | 2023-03-27T00:00:00.000000 |
| certfr-2023-avi-0263 | Multiples vulnérabilités dans IBM Cognos | 2023-03-27T00:00:00.000000 | 2023-03-27T00:00:00.000000 |
| certfr-2023-avi-0262 | Multiples vulnérabilités dans les produits Microsoft | 2023-03-27T00:00:00.000000 | 2023-03-27T00:00:00.000000 |
| certfr-2023-avi-0261 | Vulnérabilité dans LibreOffice | 2023-03-27T00:00:00.000000 | 2023-03-27T00:00:00.000000 |
| certfr-2023-avi-0260 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-03-24T00:00:00.000000 | 2023-03-24T00:00:00.000000 |
| certfr-2023-avi-0259 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-03-24T00:00:00.000000 | 2023-03-24T00:00:00.000000 |
| certfr-2023-avi-0258 | Multiples vulnérabilités dans les produits IBM | 2023-03-24T00:00:00.000000 | 2023-03-24T00:00:00.000000 |
| certfr-2023-avi-0257 | Vulnérabilité dans Grafana | 2023-03-23T00:00:00.000000 | 2023-03-23T00:00:00.000000 |
| certfr-2023-avi-0256 | Multiples vulnérabilités dans les produits Cisco | 2023-03-23T00:00:00.000000 | 2023-03-23T00:00:00.000000 |
| certfr-2023-avi-0255 | Vulnérabilité dans OpenSSL | 2023-03-23T00:00:00.000000 | 2023-03-23T00:00:00.000000 |
| certfr-2023-avi-0254 | Multiples vulnérabilités dans Tenable.sc | 2023-03-23T00:00:00.000000 | 2023-03-23T00:00:00.000000 |
| certfr-2023-avi-0253 | Vulnérabilité dans Apache Tomcat | 2023-03-22T00:00:00.000000 | 2023-03-22T00:00:00.000000 |
| certfr-2023-avi-0252 | Vulnérabilité dans les produits Aruba | 2023-03-22T00:00:00.000000 | 2023-03-22T00:00:00.000000 |
| certfr-2023-avi-0251 | Multiples vulnérabilités dans Google Chrome | 2023-03-22T00:00:00.000000 | 2023-03-22T00:00:00.000000 |
| certfr-2023-avi-0250 | Multiples vulnérabilités dans les produits IBM | 2023-03-22T00:00:00.000000 | 2023-03-22T00:00:00.000000 |
| certfr-2023-avi-0249 | Vulnérabilité dans NextCloud Server | 2023-03-22T00:00:00.000000 | 2023-03-22T00:00:00.000000 |
| certfr-2023-avi-0248 | Multiples vulnérabilités dans les produits Xen | 2023-03-21T00:00:00.000000 | 2023-03-21T00:00:00.000000 |
| certfr-2023-avi-0247 | Multiples vulnérabilités dans Zimbra | 2023-03-21T00:00:00.000000 | 2023-03-21T00:00:00.000000 |
| certfr-2023-avi-0246 | Multiples vulnérabilités dans les produits Moodle | 2023-03-21T00:00:00.000000 | 2023-03-21T00:00:00.000000 |
| certfr-2023-avi-0245 | Multiples vulnérabilités dans les produits IBM | 2023-03-20T00:00:00.000000 | 2023-03-20T00:00:00.000000 |
| certfr-2023-avi-0244 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-03-17T00:00:00.000000 | 2023-03-17T00:00:00.000000 |
| certfr-2023-avi-0243 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-03-17T00:00:00.000000 | 2023-03-17T00:00:00.000000 |
| certfr-2023-avi-0242 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-03-17T00:00:00.000000 | 2023-03-17T00:00:00.000000 |
| certfr-2023-avi-0241 | Multiples vulnérabilités dans les produits Synology | 2023-03-17T00:00:00.000000 | 2023-03-17T00:00:00.000000 |
| certfr-2023-avi-0240 | Multiples vulnérabilités dans les produits IBM | 2023-03-17T00:00:00.000000 | 2023-03-17T00:00:00.000000 |
| certfr-2023-avi-0239 | Multiples vulnérabilités dans Tenable Sensor Proxy | 2023-03-17T00:00:00.000000 | 2023-03-17T00:00:00.000000 |
| certfr-2023-avi-0238 | Multiples vulnérabilités dans les produits IBM | 2023-03-16T00:00:00.000000 | 2023-03-16T00:00:00.000000 |
| certfr-2023-avi-0237 | Multiples vulnérabilités dans Drupal core | 2023-03-16T00:00:00.000000 | 2023-03-16T00:00:00.000000 |
| certfr-2023-avi-0236 | Multiples vulnérabilités dans Mozilla Thunderbird | 2023-03-16T00:00:00.000000 | 2023-03-16T00:00:00.000000 |
| certfr-2023-avi-0235 | Multiples vulnérabilités dans OpenSSH | 2023-03-16T00:00:00.000000 | 2023-03-16T00:00:00.000000 |