Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-49973 | 4.3 (v3.1) | WordPress Image Sizes Controller, Create Custom Image … |
GrandPlugins |
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes |
2025-06-20T15:04:17.133Z | 2026-04-28T16:13:14.170Z |
| cve-2025-49970 | 4.3 (v3.1) | WordPress Hello FSE Blog theme <= 1.0.6 - Broken Acces… |
sparklewpthemes |
Hello FSE Blog |
2025-06-20T15:04:19.559Z | 2026-04-28T16:13:14.164Z |
| cve-2025-49965 | 4.3 (v3.1) | WordPress PixelBeds Channel Manager and Hotel Booking … |
Oganro |
PixelBeds Channel Manager and Hotel Booking Engine |
2025-06-20T15:04:22.655Z | 2026-04-28T16:13:14.136Z |
| cve-2025-49972 | 4.3 (v3.1) | WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Sit… |
David Wood |
TM Replace Howdy |
2025-06-20T15:04:17.977Z | 2026-04-28T16:13:14.132Z |
| cve-2025-49961 | 6.5 (v3.1) | WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-04-28T16:13:14.119Z |
| cve-2025-49969 | 4.3 (v3.1) | WordPress Zara 4 Image Compression plugin <= 1.2.17.2 … |
Zara 4 |
Zara 4 Image Compression |
2025-06-20T15:04:20.442Z | 2026-04-28T16:13:14.097Z |
| cve-2025-49968 | 4.3 (v3.1) | WordPress XML Travel Portal Widget plugin <= 2.0 - Cro… |
Oganro |
XML Travel Portal Widget |
2025-06-20T15:04:21.122Z | 2026-04-28T16:13:14.091Z |
| cve-2025-49967 | 4.3 (v3.1) | WordPress Live Sports Streamthunder plugin <= 2.1 - Cr… |
marcusjansen |
Live Sports Streamthunder |
2025-06-20T15:04:21.688Z | 2026-04-28T16:13:14.091Z |
| cve-2025-49966 | 4.3 (v3.1) | WordPress Oganro Travel Portal Search Widget for Hotel… |
Oganro |
Oganro Travel Portal Search Widget for HotelBeds APITUDE API |
2025-06-20T15:04:22.175Z | 2026-04-28T16:13:14.041Z |
| cve-2025-49974 | 4.3 (v3.1) | WordPress UpStream: a Project Management Plugin for Wo… |
upstreamplugin |
UpStream: a Project Management Plugin for WordPress |
2025-06-20T15:04:16.551Z | 2026-04-28T16:13:13.985Z |
| cve-2025-49958 | 7.1 (v3.1) | WordPress Robokassa payment gateway for Woocommerce pl… |
robokassa |
Robokassa payment gateway for Woocommerce |
2025-10-22T14:32:20.661Z | 2026-04-28T16:13:10.044Z |
| cve-2025-49949 | 5.4 (v3.1) | WordPress Templazee plugin <= 1.0.2 - Broken Access Co… |
templazee |
Templazee |
2025-10-22T14:32:18.660Z | 2026-04-28T16:13:09.088Z |
| cve-2025-49952 | 6.5 (v3.1) | WordPress Houzez theme <= 4.2.5 - Insecure Direct Obje… |
favethemes |
Houzez |
2025-10-22T14:32:19.320Z | 2026-04-28T16:13:08.925Z |
| cve-2025-49950 | 7.2 (v3.1) | WordPress Official Integration for Billingo plugin <= … |
billingo |
Official Integration for Billingo |
2025-10-22T14:32:18.932Z | 2026-04-28T16:13:08.830Z |
| cve-2025-49937 | 4.3 (v3.1) | WordPress Smash Balloon Social Post Feed plugin <= 4.3… |
Syed Balkhi |
Smash Balloon Social Post Feed |
2025-10-22T14:32:16.676Z | 2026-04-28T16:13:08.568Z |
| cve-2025-49935 | 7.5 (v3.1) | WordPress WoodMart theme < 8.3.2 - Local File Inclusio… |
xtemos |
WoodMart |
2025-10-22T14:32:16.098Z | 2026-04-28T16:13:08.535Z |
| cve-2025-49934 | 6.5 (v3.1) | WordPress JetBlocks For Elementor plugin <= 1.3.18 - C… |
Crocoblock |
JetBlocks For Elementor |
2025-10-22T14:32:15.865Z | 2026-04-28T16:13:08.263Z |
| cve-2025-49931 | 9.3 (v3.1) | WordPress JetSearch plugin <= 3.5.10 - SQL Injection v… |
Crocoblock |
JetSearch |
2025-10-22T14:32:15.259Z | 2026-04-28T16:13:08.251Z |
| cve-2025-49924 | 7.2 (v3.1) | WordPress Wholesale Suite plugin <= 2.2.4.2 - Privileg… |
Josh Kohlbach |
Wholesale Suite |
2025-10-22T14:32:13.804Z | 2026-04-28T16:13:08.005Z |
| cve-2025-49925 | 7.5 (v3.1) | WordPress WPLMS plugin <= 1.9.9.7 - Broken Access Cont… |
VibeThemes |
WPLMS |
2025-10-22T14:32:14.033Z | 2026-04-28T16:13:07.976Z |
| cve-2025-49923 | 5.9 (v3.1) | WordPress Seriously Simple Podcasting plugin <= 3.11.1… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-22T14:32:13.596Z | 2026-04-28T16:13:07.972Z |
| cve-2025-49922 | 4.3 (v3.1) | WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 -… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-10-22T14:32:13.367Z | 2026-04-28T16:13:07.972Z |
| cve-2025-49921 | 7.5 (v3.1) | WordPress JetReviews plugin <= 3.0.0 - Local File Incl… |
Crocoblock |
JetReviews |
2025-10-22T14:32:13.059Z | 2026-04-28T16:13:07.913Z |
| cve-2025-49916 | 8.6 (v3.1) | WordPress MultiVendorX plugin <= 4.2.23 - Broken Acces… |
MultiVendorX |
MultiVendorX |
2025-10-22T14:32:12.420Z | 2026-04-28T16:13:07.903Z |
| cve-2025-49915 | 9.3 (v3.1) | WordPress SMS Alert Order Notifications plugin <= 3.8.… |
Cozy Vision |
SMS Alert Order Notifications |
2025-10-22T14:32:12.221Z | 2026-04-28T16:13:07.898Z |
| cve-2025-49926 | 7.2 (v3.1) | WordPress Kalium theme <= 3.25 - Arbitrary Code Execut… |
Laborator |
Kalium |
2025-10-22T14:32:14.208Z | 2026-04-28T16:13:07.897Z |
| cve-2025-49918 | 5.9 (v3.1) | WordPress VikBooking Hotel Booking Engine & PMS plugin… |
e4jvikwp |
VikBooking Hotel Booking Engine & PMS |
2025-12-18T07:21:44.067Z | 2026-04-28T16:13:07.897Z |
| cve-2025-49913 | 5.3 (v3.1) | WordPress CoSchedule plugin <= 3.4.0 - Broken Access C… |
CoSchedule |
CoSchedule |
2025-10-22T14:32:11.977Z | 2026-04-28T16:13:07.838Z |
| cve-2025-49920 | 5.4 (v3.1) | WordPress Web Accessibility By accessiBe plugin <= 2.1… |
accessiBe |
Web Accessibility By accessiBe |
2025-10-22T14:32:12.844Z | 2026-04-28T16:13:07.817Z |
| cve-2025-49907 | 4.3 (v3.1) | WordPress MDTF plugin <= 1.3.3.9 - Broken Access Contr… |
RealMag777 |
MDTF |
2025-10-22T14:32:10.614Z | 2026-04-28T16:13:07.579Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-129 | Vulnérabilité dans les produits Kaspersky | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-128 | Multiples vulnérabilités dans les produits Qnap | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-127 | Vulnérabilité dans les produits Moxa | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-126 | Multiples vulnérabilités dans Google Chrome | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-125 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-124 | Multiples vulnérabilités dans OpenSSL | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-123 | Vulnérabilité dans Xen | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-122 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-121 | Vulnérabilité dans les produits F5 | 2021-02-15T00:00:00.000000 | 2021-02-15T00:00:00.000000 |
| certfr-2021-avi-120 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-02-15T00:00:00.000000 | 2021-02-15T00:00:00.000000 |
| certfr-2021-avi-119 | Multiples vulnérabilités dans IBM SDK Java Technology Edition | 2021-02-12T00:00:00.000000 | 2021-02-12T00:00:00.000000 |
| certfr-2021-avi-118 | Vulnérabilité dans VMware vSphere Replication | 2021-02-12T00:00:00.000000 | 2021-02-12T00:00:00.000000 |
| certfr-2021-avi-117 | Multiples vulnérabilités dans PostgreSQL | 2021-02-12T00:00:00.000000 | 2021-02-12T00:00:00.000000 |
| certfr-2021-avi-116 | Multiples vulnérabilités dans GitLab | 2021-02-12T00:00:00.000000 | 2021-02-12T00:00:00.000000 |
| certfr-2021-avi-115 | Multiples vulnérabilités dans Ruby on Rails | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-114 | Multiples vulnérabilités dans F5 BIG-IP | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-113 | Vulnérabilité dans Mitel MiContact Center Business | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-112 | Vulnérabilité dans Cisco IOS XR | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-111 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-110 | Vulnérabilité dans Palo Alto Networks Prisma Cloud Compute | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-109 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-108 | Vulnérabilité dans les produits Cisco | 2021-02-11T00:00:00.000000 | 2021-02-11T00:00:00.000000 |
| certfr-2021-avi-107 | Multiples vulnérabilités dans les produits Microsoft | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-106 | Multiples vulnérabilités dans Microsoft .Net | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-105 | Multiples vulnérabilités dans Microsoft Windows | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-104 | Multiples vulnérabilités dans Microsoft Office | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-103 | Multiples vulnérabilités dans Microsoft Edge | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-101 | Multiples vulnérabilités dans IBM Spectrum Protect Plus | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-100 | Multiples vulnérabilités dans Magento | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |
| certfr-2021-avi-099 | Multiples vulnérabilités dans les produits Intel | 2021-02-10T00:00:00.000000 | 2021-02-10T00:00:00.000000 |