Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-49975 | 4.3 (v3.1) | WordPress JobWP plugin <= 2.4.0 - Cross Site Request F… |
Hossni Mubarak |
JobWP |
2025-06-20T15:04:15.963Z | 2026-04-28T16:13:14.173Z |
| cve-2025-49973 | 4.3 (v3.1) | WordPress Image Sizes Controller, Create Custom Image … |
GrandPlugins |
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes |
2025-06-20T15:04:17.133Z | 2026-04-28T16:13:14.170Z |
| cve-2025-49970 | 4.3 (v3.1) | WordPress Hello FSE Blog theme <= 1.0.6 - Broken Acces… |
sparklewpthemes |
Hello FSE Blog |
2025-06-20T15:04:19.559Z | 2026-04-28T16:13:14.164Z |
| cve-2025-49965 | 4.3 (v3.1) | WordPress PixelBeds Channel Manager and Hotel Booking … |
Oganro |
PixelBeds Channel Manager and Hotel Booking Engine |
2025-06-20T15:04:22.655Z | 2026-04-28T16:13:14.136Z |
| cve-2025-49972 | 4.3 (v3.1) | WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Sit… |
David Wood |
TM Replace Howdy |
2025-06-20T15:04:17.977Z | 2026-04-28T16:13:14.132Z |
| cve-2025-49961 | 6.5 (v3.1) | WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-04-28T16:13:14.119Z |
| cve-2025-49969 | 4.3 (v3.1) | WordPress Zara 4 Image Compression plugin <= 1.2.17.2 … |
Zara 4 |
Zara 4 Image Compression |
2025-06-20T15:04:20.442Z | 2026-04-28T16:13:14.097Z |
| cve-2025-49968 | 4.3 (v3.1) | WordPress XML Travel Portal Widget plugin <= 2.0 - Cro… |
Oganro |
XML Travel Portal Widget |
2025-06-20T15:04:21.122Z | 2026-04-28T16:13:14.091Z |
| cve-2025-49967 | 4.3 (v3.1) | WordPress Live Sports Streamthunder plugin <= 2.1 - Cr… |
marcusjansen |
Live Sports Streamthunder |
2025-06-20T15:04:21.688Z | 2026-04-28T16:13:14.091Z |
| cve-2025-49966 | 4.3 (v3.1) | WordPress Oganro Travel Portal Search Widget for Hotel… |
Oganro |
Oganro Travel Portal Search Widget for HotelBeds APITUDE API |
2025-06-20T15:04:22.175Z | 2026-04-28T16:13:14.041Z |
| cve-2025-49974 | 4.3 (v3.1) | WordPress UpStream: a Project Management Plugin for Wo… |
upstreamplugin |
UpStream: a Project Management Plugin for WordPress |
2025-06-20T15:04:16.551Z | 2026-04-28T16:13:13.985Z |
| cve-2025-49958 | 7.1 (v3.1) | WordPress Robokassa payment gateway for Woocommerce pl… |
robokassa |
Robokassa payment gateway for Woocommerce |
2025-10-22T14:32:20.661Z | 2026-04-28T16:13:10.044Z |
| cve-2025-49949 | 5.4 (v3.1) | WordPress Templazee plugin <= 1.0.2 - Broken Access Co… |
templazee |
Templazee |
2025-10-22T14:32:18.660Z | 2026-04-28T16:13:09.088Z |
| cve-2025-49952 | 6.5 (v3.1) | WordPress Houzez theme <= 4.2.5 - Insecure Direct Obje… |
favethemes |
Houzez |
2025-10-22T14:32:19.320Z | 2026-04-28T16:13:08.925Z |
| cve-2025-49950 | 7.2 (v3.1) | WordPress Official Integration for Billingo plugin <= … |
billingo |
Official Integration for Billingo |
2025-10-22T14:32:18.932Z | 2026-04-28T16:13:08.830Z |
| cve-2025-49937 | 4.3 (v3.1) | WordPress Smash Balloon Social Post Feed plugin <= 4.3… |
Syed Balkhi |
Smash Balloon Social Post Feed |
2025-10-22T14:32:16.676Z | 2026-04-28T16:13:08.568Z |
| cve-2025-49935 | 7.5 (v3.1) | WordPress WoodMart theme < 8.3.2 - Local File Inclusio… |
xtemos |
WoodMart |
2025-10-22T14:32:16.098Z | 2026-04-28T16:13:08.535Z |
| cve-2025-49934 | 6.5 (v3.1) | WordPress JetBlocks For Elementor plugin <= 1.3.18 - C… |
Crocoblock |
JetBlocks For Elementor |
2025-10-22T14:32:15.865Z | 2026-04-28T16:13:08.263Z |
| cve-2025-49931 | 9.3 (v3.1) | WordPress JetSearch plugin <= 3.5.10 - SQL Injection v… |
Crocoblock |
JetSearch |
2025-10-22T14:32:15.259Z | 2026-04-28T16:13:08.251Z |
| cve-2025-49924 | 7.2 (v3.1) | WordPress Wholesale Suite plugin <= 2.2.4.2 - Privileg… |
Josh Kohlbach |
Wholesale Suite |
2025-10-22T14:32:13.804Z | 2026-04-28T16:13:08.005Z |
| cve-2025-49925 | 7.5 (v3.1) | WordPress WPLMS plugin <= 1.9.9.7 - Broken Access Cont… |
VibeThemes |
WPLMS |
2025-10-22T14:32:14.033Z | 2026-04-28T16:13:07.976Z |
| cve-2025-49923 | 5.9 (v3.1) | WordPress Seriously Simple Podcasting plugin <= 3.11.1… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-22T14:32:13.596Z | 2026-04-28T16:13:07.972Z |
| cve-2025-49922 | 4.3 (v3.1) | WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 -… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-10-22T14:32:13.367Z | 2026-04-28T16:13:07.972Z |
| cve-2025-49921 | 7.5 (v3.1) | WordPress JetReviews plugin <= 3.0.0 - Local File Incl… |
Crocoblock |
JetReviews |
2025-10-22T14:32:13.059Z | 2026-04-28T16:13:07.913Z |
| cve-2025-49916 | 8.6 (v3.1) | WordPress MultiVendorX plugin <= 4.2.23 - Broken Acces… |
MultiVendorX |
MultiVendorX |
2025-10-22T14:32:12.420Z | 2026-04-28T16:13:07.903Z |
| cve-2025-49915 | 9.3 (v3.1) | WordPress SMS Alert Order Notifications plugin <= 3.8.… |
Cozy Vision |
SMS Alert Order Notifications |
2025-10-22T14:32:12.221Z | 2026-04-28T16:13:07.898Z |
| cve-2025-49926 | 7.2 (v3.1) | WordPress Kalium theme <= 3.25 - Arbitrary Code Execut… |
Laborator |
Kalium |
2025-10-22T14:32:14.208Z | 2026-04-28T16:13:07.897Z |
| cve-2025-49918 | 5.9 (v3.1) | WordPress VikBooking Hotel Booking Engine & PMS plugin… |
e4jvikwp |
VikBooking Hotel Booking Engine & PMS |
2025-12-18T07:21:44.067Z | 2026-04-28T16:13:07.897Z |
| cve-2025-49913 | 5.3 (v3.1) | WordPress CoSchedule plugin <= 3.4.0 - Broken Access C… |
CoSchedule |
CoSchedule |
2025-10-22T14:32:11.977Z | 2026-04-28T16:13:07.838Z |
| cve-2025-49920 | 5.4 (v3.1) | WordPress Web Accessibility By accessiBe plugin <= 2.1… |
accessiBe |
Web Accessibility By accessiBe |
2025-10-22T14:32:12.844Z | 2026-04-28T16:13:07.817Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-280 | Multiples vulnérabilités dans Mitel MiCollab | 2021-04-19T00:00:00.000000 | 2021-04-19T00:00:00.000000 |
| certfr-2021-avi-279 | Multiples vulnérabilités dans Microsoft Edge | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-278 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-277 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-276 | Multiples vulnérabilités dans Google Chrome | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-275 | Multiples vulnérabilités dans F5 BIG-IP et BIG-IQ | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-274 | Multiples vulnérabilités dans les produits Qnap | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-273 | Multiples vulnérabilités dans Junos OS | 2021-04-16T00:00:00.000000 | 2021-04-16T00:00:00.000000 |
| certfr-2021-avi-272 | Vulnérabilité dans Siemens Mendix | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-271 | Multiples vulnérabilités dans Google Chrome | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-270 | Multiples vulnérabilités dans Wordpress | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-269 | Multiples vulnérabilités dans F5 BIG-IP | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-268 | Multiples vulnérabilités dans les produits PaloAlto | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-266 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-265 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-264 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-263 | Multiples vulnérabilités dans Microsoft Edge | 2021-04-15T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-avi-262 | Multiples vulnérabilités dans les produits Microsoft | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-261 | Multiples vulnérabilités dans Microsoft Windows | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-260 | Multiples vulnérabilités dans Microsoft Office | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-259 | Multiples vulnérabilités dans Microsoft Edge | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-258 | Multiples vulnérabilités dans Google Chrome | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-257 | Multiples vulnérabilités dans Joomla! | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-256 | Multiples vulnérabilités dans les produits Siemens SCALANCE | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-255 | Multiples vulnérabilités dans les produits Siemens | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-254 | Multiples vulnérabilités dans les produits IBM | 2021-04-14T00:00:00.000000 | 2021-04-14T00:00:00.000000 |
| certfr-2021-avi-252 | Vulnérabilité dans MongoDB Database Tools | 2021-04-13T00:00:00.000000 | 2021-04-13T00:00:00.000000 |
| certfr-2021-avi-251 | Multiples vulnérabilités dans les produits SAP | 2021-04-13T00:00:00.000000 | 2021-04-13T00:00:00.000000 |
| certfr-2021-avi-250 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-04-13T00:00:00.000000 | 2021-04-13T00:00:00.000000 |
| certfr-2021-avi-249 | Multiple vulnérabilités dans les produits SonicWall | 2021-04-12T00:00:00.000000 | 2021-04-12T00:00:00.000000 |