Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-49991 | 5.3 (v3.1) | WordPress WP-Recall plugin <= 16.26.14 - Broken Access… |
tggfref |
WP-Recall |
2025-06-20T15:04:07.772Z | 2026-04-28T16:13:15.479Z |
| cve-2025-49995 | 5.3 (v3.1) | WordPress Download Attachments plugin <= 1.3.1 - Insec… |
dFactory |
Download Attachments |
2025-06-20T15:04:06.831Z | 2026-04-28T16:13:15.407Z |
| cve-2025-49998 | 5.4 (v3.1) | WordPress WooCommerce Fortnox Integration plugin <= 4.… |
Wetail |
WooCommerce Fortnox Integration |
2025-06-20T15:04:05.400Z | 2026-04-28T16:13:15.386Z |
| cve-2025-49996 | 5.3 (v3.1) | WordPress WP Visitor Statistics (Real Time Traffic) pl… |
osama.esh |
WP Visitor Statistics (Real Time Traffic) |
2025-06-20T15:04:06.330Z | 2026-04-28T16:13:15.365Z |
| cve-2025-49989 | 5.3 (v3.1) | WordPress App Builder plugin <= 5.5.6 - Broken Access … |
App Cheap |
App Builder |
2025-06-20T15:04:08.696Z | 2026-04-28T16:13:15.332Z |
| cve-2025-49997 | 5.3 (v3.1) | WordPress Giveaways and Contests by RafflePress plugin… |
Syed Balkhi |
Giveaways and Contests by RafflePress |
2025-06-20T15:04:05.866Z | 2026-04-28T16:13:15.170Z |
| cve-2025-49993 | 5.3 (v3.1) | WordPress Cookie-Script.com plugin <= 1.2.1 - Broken A… |
csarturas |
Cookie-Script.com |
2025-06-20T15:04:07.297Z | 2026-04-28T16:13:14.955Z |
| cve-2025-49984 | 4.9 (v3.1) | WordPress PowerPress Podcasting plugin <= 11.13.11 - S… |
blubrry |
PowerPress Podcasting |
2025-06-20T15:04:11.150Z | 2026-04-28T16:13:14.952Z |
| cve-2025-49990 | 5.3 (v3.1) | WordPress ContentStudio plugin <= 1.3.7 - Broken Acces… |
contentstudio |
Contentstudio |
2025-06-20T15:04:08.230Z | 2026-04-28T16:13:14.946Z |
| cve-2025-49979 | 4.3 (v3.1) | WordPress Media Hygiene plugin <= 4.0.1 - Broken Acces… |
slui |
Media Hygiene |
2025-06-20T15:04:13.690Z | 2026-04-28T16:13:14.929Z |
| cve-2025-49985 | 4.9 (v3.1) | WordPress Auto Upload Images plugin <= 3.3.2 - Server … |
Ali Irani |
Auto Upload Images |
2025-06-20T15:04:10.673Z | 2026-04-28T16:13:14.920Z |
| cve-2025-49982 | 4.3 (v3.1) | WordPress WP Customer Area plugin <= 8.3.4 - Broken Ac… |
aguilatechnologies |
WP Customer Area |
2025-06-20T15:04:12.125Z | 2026-04-28T16:13:14.915Z |
| cve-2025-49983 | 4.9 (v3.1) | WordPress WPThumb plugin <= 0.10 - Server Side Request… |
Joe Hoyle |
WPThumb |
2025-06-20T15:04:11.656Z | 2026-04-28T16:13:14.910Z |
| cve-2025-49987 | 5.3 (v3.1) | WordPress CRM ERP Business Solution plugin <= 1.13 - B… |
WPFactory |
CRM ERP Business Solution |
2025-06-20T15:04:09.700Z | 2026-04-28T16:13:14.883Z |
| cve-2025-49988 | 5.3 (v3.1) | WordPress Contact Form 7 AWeber Extension plugin <= 0.… |
Renzo Johnson |
Contact Form 7 AWeber Extension |
2025-06-20T15:04:09.192Z | 2026-04-28T16:13:14.823Z |
| cve-2025-49980 | 4.3 (v3.1) | WordPress WP User Profile Avatar plugin <= 1.0.6 - Bro… |
WP Event Manager |
WP User Profile Avatar |
2025-06-20T15:04:13.169Z | 2026-04-28T16:13:14.710Z |
| cve-2025-49981 | 4.3 (v3.1) | WordPress User Roles and Capabilities plugin <= 1.2.6 … |
mahabub81 |
User Roles and Capabilities |
2025-06-20T15:04:12.611Z | 2026-04-28T16:13:14.500Z |
| cve-2025-49978 | 4.3 (v3.1) | WordPress JobSearch plugin < 3.0.6 - Insecure Direct O… |
eyecix |
JobSearch |
2025-06-20T15:04:14.183Z | 2026-04-28T16:13:14.240Z |
| cve-2025-49977 | 4.3 (v3.1) | WordPress WP Inventory Manager plugin <= 2.3.4 - Cross… |
WP Inventory |
WP Inventory Manager |
2025-06-20T15:04:14.644Z | 2026-04-28T16:13:14.203Z |
| cve-2025-49971 | 4.3 (v3.1) | WordPress eDS Responsive Menu plugin <= 1.2 - Broken A… |
aThemeArt Translations |
eDS Responsive Menu |
2025-06-20T15:04:18.787Z | 2026-04-28T16:13:14.193Z |
| cve-2025-49976 | 4.3 (v3.1) | WordPress WANotifier plugin <= 2.7.12 - Broken Access … |
WANotifier |
Notifier |
2025-06-20T15:04:15.254Z | 2026-04-28T16:13:14.189Z |
| cve-2025-49964 | 4.3 (v3.1) | WordPress ClipLink plugin <= 1.1 - Cross Site Request … |
indgeek |
ClipLink |
2025-06-20T15:04:23.124Z | 2026-04-28T16:13:14.187Z |
| cve-2025-49975 | 4.3 (v3.1) | WordPress JobWP plugin <= 2.4.0 - Cross Site Request F… |
Hossni Mubarak |
JobWP |
2025-06-20T15:04:15.963Z | 2026-04-28T16:13:14.173Z |
| cve-2025-49973 | 4.3 (v3.1) | WordPress Image Sizes Controller, Create Custom Image … |
GrandPlugins |
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes |
2025-06-20T15:04:17.133Z | 2026-04-28T16:13:14.170Z |
| cve-2025-49970 | 4.3 (v3.1) | WordPress Hello FSE Blog theme <= 1.0.6 - Broken Acces… |
sparklewpthemes |
Hello FSE Blog |
2025-06-20T15:04:19.559Z | 2026-04-28T16:13:14.164Z |
| cve-2025-49965 | 4.3 (v3.1) | WordPress PixelBeds Channel Manager and Hotel Booking … |
Oganro |
PixelBeds Channel Manager and Hotel Booking Engine |
2025-06-20T15:04:22.655Z | 2026-04-28T16:13:14.136Z |
| cve-2025-49972 | 4.3 (v3.1) | WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Sit… |
David Wood |
TM Replace Howdy |
2025-06-20T15:04:17.977Z | 2026-04-28T16:13:14.132Z |
| cve-2025-49961 | 6.5 (v3.1) | WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-04-28T16:13:14.119Z |
| cve-2025-49969 | 4.3 (v3.1) | WordPress Zara 4 Image Compression plugin <= 1.2.17.2 … |
Zara 4 |
Zara 4 Image Compression |
2025-06-20T15:04:20.442Z | 2026-04-28T16:13:14.097Z |
| cve-2025-49968 | 4.3 (v3.1) | WordPress XML Travel Portal Widget plugin <= 2.0 - Cro… |
Oganro |
XML Travel Portal Widget |
2025-06-20T15:04:21.122Z | 2026-04-28T16:13:14.091Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-248 | Multiples vulnérabilités dans Mozilla Thunderbird | 2021-04-09T00:00:00.000000 | 2021-04-09T00:00:00.000000 |
| certfr-2021-avi-247 | Multiples vulnérabilités dans Tenable Nessus Agent | 2021-04-09T00:00:00.000000 | 2021-04-09T00:00:00.000000 |
| certfr-2021-avi-246 | Multiples vulnérabilités dans les produits Cisco | 2021-04-08T00:00:00.000000 | 2021-04-08T00:00:00.000000 |
| certfr-2021-avi-245 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-04-08T00:00:00.000000 | 2021-04-08T00:00:00.000000 |
| certfr-2021-avi-244 | Multiples vulnérabilités dans les produits Fortinet | 2021-04-07T00:00:00.000000 | 2021-04-07T00:00:00.000000 |
| certfr-2021-avi-243 | Vulnérabilité dans MongoDB Compass | 2021-04-07T00:00:00.000000 | 2021-04-07T00:00:00.000000 |
| certfr-2021-avi-242 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-04-07T00:00:00.000000 | 2021-04-07T00:00:00.000000 |
| certfr-2021-avi-241 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-04-07T00:00:00.000000 | 2021-04-07T00:00:00.000000 |
| certfr-2021-avi-240 | Multiples vulnérabilités dans Google Android | 2021-04-06T00:00:00.000000 | 2021-04-06T00:00:00.000000 |
| certfr-2021-avi-239 | Vulnérabilité dans Tenable Nessus | 2021-04-06T00:00:00.000000 | 2021-04-06T00:00:00.000000 |
| certfr-2020-avi-452 | Multiples vulnérabilités dans les produits Apple | 2020-07-20T00:00:00.000000 | 2021-04-06T00:00:00.000000 |
| certfr-2021-avi-238 | Multiples vulnérabilités dans les produits Kaspersky | 2021-04-02T00:00:00.000000 | 2021-04-02T00:00:00.000000 |
| certfr-2021-avi-237 | Vulnérabilité dans VMware Carbon Black Cloud Workload | 2021-04-02T00:00:00.000000 | 2021-04-02T00:00:00.000000 |
| certfr-2021-avi-236 | Multiples vulnérabilités dans Microsoft Edge | 2021-04-02T00:00:00.000000 | 2021-04-02T00:00:00.000000 |
| certfr-2021-avi-235 | Multiples vulnérabilités dans les produits Tenable | 2021-04-02T00:00:00.000000 | 2021-04-02T00:00:00.000000 |
| certfr-2021-avi-234 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-04-01T00:00:00.000000 | 2021-04-01T00:00:00.000000 |
| certfr-2021-avi-233 | Vulnérabilité dans Nagios XI | 2021-04-01T00:00:00.000000 | 2021-04-01T00:00:00.000000 |
| certfr-2021-avi-232 | Multiples vulnérabilités dans GitLab | 2021-04-01T00:00:00.000000 | 2021-04-01T00:00:00.000000 |
| certfr-2021-avi-231 | Multiples vulnérabilités dans les produits Trend Micro | 2021-04-01T00:00:00.000000 | 2021-04-01T00:00:00.000000 |
| certfr-2021-avi-230 | Multiples vulnérabilités dans VMware vRealize Operations | 2021-03-31T00:00:00.000000 | 2021-03-31T00:00:00.000000 |
| certfr-2021-avi-229 | Multiples vulnérabilités dans Google Chrome | 2021-03-31T00:00:00.000000 | 2021-03-31T00:00:00.000000 |
| certfr-2021-avi-228 | Vulnérabilité dans Xen | 2021-03-31T00:00:00.000000 | 2021-03-31T00:00:00.000000 |
| certfr-2021-avi-227 | Multiples vulnérabilités dans Citrix Hypervisor | 2021-03-31T00:00:00.000000 | 2021-03-31T00:00:00.000000 |
| certfr-2021-avi-226 | Multiples vulnérabilités dans Zimbra | 2021-03-31T00:00:00.000000 | 2021-03-31T00:00:00.000000 |
| certfr-2021-avi-225 | Vulnérabilité dans Apache SpamAssassin | 2021-03-30T00:00:00.000000 | 2021-03-30T00:00:00.000000 |
| certfr-2021-avi-224 | Vulnérabilité dans les produits Apple | 2021-03-29T00:00:00.000000 | 2021-03-29T00:00:00.000000 |
| certfr-2021-avi-223 | Vulnérabilité dans F5 BIG-IP | 2021-03-29T00:00:00.000000 | 2021-03-29T00:00:00.000000 |
| certfr-2021-avi-203 | Vulnérabilité dans GitLab | 2021-03-18T00:00:00.000000 | 2021-03-29T00:00:00.000000 |
| certfr-2021-avi-221 | Multiples vulnérabilités dans OpenSSL | 2021-03-26T00:00:00.000000 | 2021-03-26T00:00:00.000000 |
| certfr-2021-avi-220 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-03-26T00:00:00.000000 | 2021-03-26T00:00:00.000000 |