Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-49986 | 5.3 (v3.1) | WordPress Video List Manager plugin <= 1.7 - Broken Ac… |
thanhtungtnt |
Video List Manager |
2025-06-20T15:04:10.215Z | 2026-04-28T16:13:15.705Z |
| cve-2025-49994 | 8.1 (v3.1) | WordPress Athens theme <= 1.1.6 - Local File Inclusion… |
ovatheme |
Athens |
2026-01-22T16:51:43.534Z | 2026-04-28T16:13:15.653Z |
| cve-2025-49991 | 5.3 (v3.1) | WordPress WP-Recall plugin <= 16.26.14 - Broken Access… |
tggfref |
WP-Recall |
2025-06-20T15:04:07.772Z | 2026-04-28T16:13:15.479Z |
| cve-2025-49995 | 5.3 (v3.1) | WordPress Download Attachments plugin <= 1.3.1 - Insec… |
dFactory |
Download Attachments |
2025-06-20T15:04:06.831Z | 2026-04-28T16:13:15.407Z |
| cve-2025-49998 | 5.4 (v3.1) | WordPress WooCommerce Fortnox Integration plugin <= 4.… |
Wetail |
WooCommerce Fortnox Integration |
2025-06-20T15:04:05.400Z | 2026-04-28T16:13:15.386Z |
| cve-2025-49996 | 5.3 (v3.1) | WordPress WP Visitor Statistics (Real Time Traffic) pl… |
osama.esh |
WP Visitor Statistics (Real Time Traffic) |
2025-06-20T15:04:06.330Z | 2026-04-28T16:13:15.365Z |
| cve-2025-49989 | 5.3 (v3.1) | WordPress App Builder plugin <= 5.5.6 - Broken Access … |
App Cheap |
App Builder |
2025-06-20T15:04:08.696Z | 2026-04-28T16:13:15.332Z |
| cve-2025-49997 | 5.3 (v3.1) | WordPress Giveaways and Contests by RafflePress plugin… |
Syed Balkhi |
Giveaways and Contests by RafflePress |
2025-06-20T15:04:05.866Z | 2026-04-28T16:13:15.170Z |
| cve-2025-49993 | 5.3 (v3.1) | WordPress Cookie-Script.com plugin <= 1.2.1 - Broken A… |
csarturas |
Cookie-Script.com |
2025-06-20T15:04:07.297Z | 2026-04-28T16:13:14.955Z |
| cve-2025-49984 | 4.9 (v3.1) | WordPress PowerPress Podcasting plugin <= 11.13.11 - S… |
blubrry |
PowerPress Podcasting |
2025-06-20T15:04:11.150Z | 2026-04-28T16:13:14.952Z |
| cve-2025-49990 | 5.3 (v3.1) | WordPress ContentStudio plugin <= 1.3.7 - Broken Acces… |
contentstudio |
Contentstudio |
2025-06-20T15:04:08.230Z | 2026-04-28T16:13:14.946Z |
| cve-2025-49979 | 4.3 (v3.1) | WordPress Media Hygiene plugin <= 4.0.1 - Broken Acces… |
slui |
Media Hygiene |
2025-06-20T15:04:13.690Z | 2026-04-28T16:13:14.929Z |
| cve-2025-49985 | 4.9 (v3.1) | WordPress Auto Upload Images plugin <= 3.3.2 - Server … |
Ali Irani |
Auto Upload Images |
2025-06-20T15:04:10.673Z | 2026-04-28T16:13:14.920Z |
| cve-2025-49982 | 4.3 (v3.1) | WordPress WP Customer Area plugin <= 8.3.4 - Broken Ac… |
aguilatechnologies |
WP Customer Area |
2025-06-20T15:04:12.125Z | 2026-04-28T16:13:14.915Z |
| cve-2025-49983 | 4.9 (v3.1) | WordPress WPThumb plugin <= 0.10 - Server Side Request… |
Joe Hoyle |
WPThumb |
2025-06-20T15:04:11.656Z | 2026-04-28T16:13:14.910Z |
| cve-2025-49987 | 5.3 (v3.1) | WordPress CRM ERP Business Solution plugin <= 1.13 - B… |
WPFactory |
CRM ERP Business Solution |
2025-06-20T15:04:09.700Z | 2026-04-28T16:13:14.883Z |
| cve-2025-49988 | 5.3 (v3.1) | WordPress Contact Form 7 AWeber Extension plugin <= 0.… |
Renzo Johnson |
Contact Form 7 AWeber Extension |
2025-06-20T15:04:09.192Z | 2026-04-28T16:13:14.823Z |
| cve-2025-49980 | 4.3 (v3.1) | WordPress WP User Profile Avatar plugin <= 1.0.6 - Bro… |
WP Event Manager |
WP User Profile Avatar |
2025-06-20T15:04:13.169Z | 2026-04-28T16:13:14.710Z |
| cve-2025-49981 | 4.3 (v3.1) | WordPress User Roles and Capabilities plugin <= 1.2.6 … |
mahabub81 |
User Roles and Capabilities |
2025-06-20T15:04:12.611Z | 2026-04-28T16:13:14.500Z |
| cve-2025-49978 | 4.3 (v3.1) | WordPress JobSearch plugin < 3.0.6 - Insecure Direct O… |
eyecix |
JobSearch |
2025-06-20T15:04:14.183Z | 2026-04-28T16:13:14.240Z |
| cve-2025-49977 | 4.3 (v3.1) | WordPress WP Inventory Manager plugin <= 2.3.4 - Cross… |
WP Inventory |
WP Inventory Manager |
2025-06-20T15:04:14.644Z | 2026-04-28T16:13:14.203Z |
| cve-2025-49971 | 4.3 (v3.1) | WordPress eDS Responsive Menu plugin <= 1.2 - Broken A… |
aThemeArt Translations |
eDS Responsive Menu |
2025-06-20T15:04:18.787Z | 2026-04-28T16:13:14.193Z |
| cve-2025-49976 | 4.3 (v3.1) | WordPress WANotifier plugin <= 2.7.12 - Broken Access … |
WANotifier |
Notifier |
2025-06-20T15:04:15.254Z | 2026-04-28T16:13:14.189Z |
| cve-2025-49964 | 4.3 (v3.1) | WordPress ClipLink plugin <= 1.1 - Cross Site Request … |
indgeek |
ClipLink |
2025-06-20T15:04:23.124Z | 2026-04-28T16:13:14.187Z |
| cve-2025-49975 | 4.3 (v3.1) | WordPress JobWP plugin <= 2.4.0 - Cross Site Request F… |
Hossni Mubarak |
JobWP |
2025-06-20T15:04:15.963Z | 2026-04-28T16:13:14.173Z |
| cve-2025-49973 | 4.3 (v3.1) | WordPress Image Sizes Controller, Create Custom Image … |
GrandPlugins |
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes |
2025-06-20T15:04:17.133Z | 2026-04-28T16:13:14.170Z |
| cve-2025-49970 | 4.3 (v3.1) | WordPress Hello FSE Blog theme <= 1.0.6 - Broken Acces… |
sparklewpthemes |
Hello FSE Blog |
2025-06-20T15:04:19.559Z | 2026-04-28T16:13:14.164Z |
| cve-2025-49965 | 4.3 (v3.1) | WordPress PixelBeds Channel Manager and Hotel Booking … |
Oganro |
PixelBeds Channel Manager and Hotel Booking Engine |
2025-06-20T15:04:22.655Z | 2026-04-28T16:13:14.136Z |
| cve-2025-49972 | 4.3 (v3.1) | WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Sit… |
David Wood |
TM Replace Howdy |
2025-06-20T15:04:17.977Z | 2026-04-28T16:13:14.132Z |
| cve-2025-49961 | 6.5 (v3.1) | WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-04-28T16:13:14.119Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-310 | Multiples vulnérabilités dans IBM Db2 | 2021-04-23T00:00:00.000000 | 2021-04-23T00:00:00.000000 |
| certfr-2021-avi-309 | Vulnérabilité dans Wireshark | 2021-04-23T00:00:00.000000 | 2021-04-23T00:00:00.000000 |
| certfr-2021-avi-308 | Vulnérabilité dans F5 BIG-IP | 2021-04-23T00:00:00.000000 | 2021-04-23T00:00:00.000000 |
| certfr-2021-avi-307 | Vulnérabilité dans QNAP HBS 3 Hybrid Backup Sync | 2021-04-22T00:00:00.000000 | 2021-04-22T00:00:00.000000 |
| certfr-2021-avi-306 | Vulnérabilité dans IBM WebSphere Application Server | 2021-04-22T00:00:00.000000 | 2021-04-22T00:00:00.000000 |
| certfr-2021-avi-305 | Multiples vulnérabilités dans Google Chrome OS | 2021-04-22T00:00:00.000000 | 2021-04-22T00:00:00.000000 |
| certfr-2021-avi-304 | Vulnérabilité dans Drupal | 2021-04-22T00:00:00.000000 | 2021-04-22T00:00:00.000000 |
| certfr-2021-avi-303 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-04-22T00:00:00.000000 | 2021-04-22T00:00:00.000000 |
| certfr-2021-avi-302 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-04-22T00:00:00.000000 | 2021-04-22T00:00:00.000000 |
| certfr-2021-avi-301 | Multiples vulnérabilités dans Google Chrome | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-300 | Multiples vulnérabilités dans Oracle WebLogic | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-299 | Multiples vulnérabilités dans Oracle Systems | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-298 | Multiples vulnérabilités dans Oracle Virtualization | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-297 | Multiples vulnérabilités dans Oracle Java SE | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-296 | Multiples vulnérabilités dans Oracle MySQL | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-295 | Multiples vulnérabilités dans Oracle Database | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-294 | Vulnérabilité dans Symantec Security Analytics | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-293 | Vulnérabilité dans IBM WebSphere Application Server | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-292 | Multiples vulnérabilités dans les produits Aruba | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-291 | Vulnérabilité dans Sonicwall Email Security | 2021-04-21T00:00:00.000000 | 2021-04-21T00:00:00.000000 |
| certfr-2021-avi-290 | Multiples vulnérabilités dans les produits Juniper | 2021-04-20T00:00:00.000000 | 2021-04-20T00:00:00.000000 |
| certfr-2021-avi-289 | Vulnérabilité dans IBM WebSphere | 2021-04-20T00:00:00.000000 | 2021-04-20T00:00:00.000000 |
| certfr-2021-avi-288 | Multiples vulnérabilités dans F5 BIG-IP | 2021-04-20T00:00:00.000000 | 2021-04-20T00:00:00.000000 |
| certfr-2021-avi-287 | Multiples vulnérabilités dans Mozilla Firefox | 2021-04-20T00:00:00.000000 | 2021-04-20T00:00:00.000000 |
| certfr-2021-avi-286 | Multiples vulnérabilités dans Mozilla Thunderbird | 2021-04-20T00:00:00.000000 | 2021-04-20T00:00:00.000000 |
| certfr-2021-avi-285 | Vulnérabilité dans VMware NSX-T | 2021-04-19T00:00:00.000000 | 2021-04-19T00:00:00.000000 |
| certfr-2021-avi-284 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-04-19T00:00:00.000000 | 2021-04-19T00:00:00.000000 |
| certfr-2021-avi-283 | Vulnérabilité dans Juniper Junos OS | 2021-04-19T00:00:00.000000 | 2021-04-19T00:00:00.000000 |
| certfr-2021-avi-282 | Multiples vulnérabilités dans les produits Qnap | 2021-04-19T00:00:00.000000 | 2021-04-19T00:00:00.000000 |
| certfr-2021-avi-281 | Vulnérabilité dans OpenSSH | 2021-04-19T00:00:00.000000 | 2021-04-19T00:00:00.000000 |