Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68980 | 5.3 (v3.1) | WordPress WeDesignTech Portfolio plugin <= 1.0.2 - Bro… |
designthemes |
WeDesignTech Portfolio |
2025-12-30T10:47:48.858Z | 2026-04-28T16:14:33.458Z |
| cve-2025-68974 | 6.6 (v3.1) | WordPress WordPress Social Login and Register plugin <… |
miniOrange |
WordPress Social Login and Register |
2025-12-30T10:47:47.632Z | 2026-04-28T16:14:33.450Z |
| cve-2025-68912 | 8.6 (v3.1) | WordPress HDForms plugin <= 1.6.1 - Arbitrary File Del… |
Harmonic Design |
HDForms |
2026-01-22T16:52:15.047Z | 2026-04-28T16:14:33.446Z |
| cve-2025-68982 | 5.3 (v3.1) | WordPress DesignThemes LMS Addon plugin <= 2.6 - Broke… |
designthemes |
DesignThemes LMS Addon |
2025-12-30T10:47:49.216Z | 2026-04-28T16:14:33.411Z |
| cve-2025-68975 | 4.3 (v3.1) | WordPress Eagle Booking plugin <= 1.3.4.3 - Insecure D… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:47.878Z | 2026-04-28T16:14:33.400Z |
| cve-2025-68976 | 5.4 (v3.1) | WordPress Eagle Booking plugin <= 1.3.4.3 - Settings C… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:48.092Z | 2026-04-28T16:14:33.395Z |
| cve-2025-68981 | 5.3 (v3.1) | WordPress HomeFix Elementor Portfolio plugin <= 1.0.1 … |
designthemes |
HomeFix Elementor Portfolio |
2025-12-30T10:47:49.035Z | 2026-04-28T16:14:33.390Z |
| cve-2025-68983 | 7.5 (v3.1) | WordPress Greenmart theme <= 4.2.11 - Local File Inclu… |
thembay |
Greenmart |
2025-12-30T10:47:49.392Z | 2026-04-28T16:14:33.386Z |
| cve-2025-68977 | 6.5 (v3.1) | WordPress DesignThemes Portfolio Addon plugin <= 1.5 -… |
designthemes |
DesignThemes Portfolio Addon |
2025-12-30T10:47:48.297Z | 2026-04-28T16:14:33.385Z |
| cve-2025-68911 | 6.5 (v3.1) | WordPress Solace theme <= 2.1.16 - Broken Access Contr… |
solacewp |
Solace |
2026-01-22T16:52:14.813Z | 2026-04-28T16:14:33.356Z |
| cve-2025-68908 | 8.1 (v3.1) | WordPress Barberry theme <= 2.9.9.87 - Local File Incl… |
temash |
Barberry |
2026-01-22T16:52:14.157Z | 2026-04-28T16:14:33.311Z |
| cve-2025-68907 | 7.5 (v3.1) | WordPress Hostme v2 theme <= 7.0 - Arbitrary File Dele… |
AivahThemes |
Hostme v2 |
2026-01-22T16:52:13.949Z | 2026-04-28T16:14:33.277Z |
| cve-2025-68890 | 7.1 (v3.1) | WordPress e-shops plugin <= 1.0.4 - Reflected Cross Si… |
hands01 |
e-shops |
2026-01-08T09:17:54.055Z | 2026-04-28T16:14:32.752Z |
| cve-2025-68892 | 7.1 (v3.1) | WordPress Scroll rss excerpt plugin <= 5.0 - Reflected… |
gopiplus@hotmail.com |
Scroll rss excerpt |
2026-01-08T09:17:54.424Z | 2026-04-28T16:14:32.721Z |
| cve-2025-68885 | 7.1 (v3.1) | WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
page-carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2026-04-28T16:14:32.692Z |
| cve-2025-68897 | 9.9 (v3.1) | WordPress IF AS Shortcode plugin <= 1.2 - Remote Code … |
Mohammad I. Okfie |
IF AS Shortcode |
2025-12-29T15:55:13.564Z | 2026-04-28T16:14:32.691Z |
| cve-2025-68893 | 4.9 (v3.1) | WordPress WordPress Image shrinker plugin <= 1.1.0 - S… |
HETWORKS |
WordPress Image shrinker |
2025-12-29T15:56:47.504Z | 2026-04-28T16:14:32.690Z |
| cve-2025-68902 | 7.5 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Download… |
AivahThemes |
Anona |
2026-01-22T16:52:12.937Z | 2026-04-28T16:14:32.689Z |
| cve-2025-68901 | 8.6 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Deletion… |
AivahThemes |
Anona |
2026-01-22T16:52:12.738Z | 2026-04-28T16:14:32.370Z |
| cve-2025-68882 | 7.5 (v3.1) | WordPress Scalenut plugin <= 1.1.5 - Broken Access Con… |
Scalenut |
Scalenut |
2026-01-22T16:52:11.129Z | 2026-04-28T16:14:32.333Z |
| cve-2025-68878 | 7.1 (v3.1) | WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflec… |
prasadkirpekar |
Advanced Custom CSS |
2025-12-29T16:00:20.652Z | 2026-04-28T16:14:32.167Z |
| cve-2025-68879 | 7.1 (v3.1) | WordPress Content Grid Slider plugin <= 1.5 - Reflecte… |
councilsoft |
Content Grid Slider |
2025-12-29T15:58:57.851Z | 2026-04-28T16:14:32.164Z |
| cve-2025-68870 | 7.5 (v3.1) | WordPress CookieHint WP plugin <= 1.0.0 - Local File I… |
reDim GmbH |
CookieHint WP |
2025-12-29T16:09:05.270Z | 2026-04-28T16:14:32.148Z |
| cve-2025-68876 | 7.1 (v3.1) | WordPress Invelity SPS connect plugin <= 1.0.8 - Refle… |
INVELITY |
Invelity SPS connect |
2025-12-29T16:05:23.287Z | 2026-04-28T16:14:32.135Z |
| cve-2025-68875 | 6.5 (v3.1) | WordPress Flaming Password Reset plugin <= 1.0.3 - Cro… |
jcaruso001 |
Flaming Password Reset |
2026-01-08T09:17:52.299Z | 2026-04-28T16:14:32.134Z |
| cve-2025-68864 | 7.1 (v3.1) | WordPress Infility Global plugin <= 2.15.11 - Cross Si… |
Infility |
Infility Global |
2026-01-22T16:52:10.147Z | 2026-04-28T16:14:32.130Z |
| cve-2025-68877 | 7.5 (v3.1) | WordPress CedCommerce Integration for Good Market plug… |
cedcommerce |
CedCommerce Integration for Good Market |
2025-12-29T16:03:22.206Z | 2026-04-28T16:14:32.129Z |
| cve-2025-68861 | 7.1 (v3.1) | WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac… |
pluginoptimizer |
Plugin Optimizer |
2025-12-29T17:23:08.542Z | 2026-04-28T16:14:32.113Z |
| cve-2025-68865 | 9.3 (v3.1) | WordPress Infility Global plugin <= 2.15.06 - SQL Inje… |
Infility |
Infility Global |
2026-01-05T10:44:34.184Z | 2026-04-28T16:14:32.112Z |
| cve-2025-68868 | 6.5 (v3.1) | WordPress Wp Text Slider Widget plugin <= 1.0 - Cross … |
codeaffairs |
Wp Text Slider Widget |
2025-12-29T16:12:32.664Z | 2026-04-28T16:14:32.108Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2009-001135 | Fujitsu Jasmine HTTP Response Splitting Vulnerability When Executing WebLink Template | 2009-04-17T14:13+09:00 | 2009-04-17T14:13+09:00 |
| jvndb-2009-000017 | XOOPS Cube Legacy cross-site scripting vulnerability | 2009-04-07T17:06+09:00 | 2009-04-07T17:06+09:00 |
| jvndb-2009-000016 | Access Analyzer CGI Professional Version vulnerability allows third party to gain administrative privileges | 2009-03-31T16:08+09:00 | 2009-03-31T16:08+09:00 |
| jvndb-2008-001647 | Jasmine WebLink Template Multiple Vulnerabilities | 2008-09-18T11:48+09:00 | 2009-03-30T14:29+09:00 |
| jvndb-2009-001087 | Fujitsu Enhanced Support Facility HRM-S Hardware/Software Information Disclosure Vulnerability | 2009-03-24T17:35+09:00 | 2009-03-24T17:35+09:00 |
| jvndb-2009-000015 | Cross-site scripting vulnerability in Access Analyzer CGI Standard Version (Ver. 3.x) | 2009-03-16T17:07+09:00 | 2009-03-16T17:07+09:00 |
| jvndb-2009-000014 | MP Form Mail CGI vulnerability allows third party to gain administrative privileges | 2009-03-13T16:25+09:00 | 2009-03-13T16:25+09:00 |
| jvndb-2009-000012 | Buffer overflow vulnerability in ActiveX Control for Sony SNC series network cameras | 2009-03-09T16:27+09:00 | 2009-03-09T16:27+09:00 |
| jvndb-2009-000013 | PEAK XOOPS piCal cross-site scripting vulnerability | 2009-03-03T16:37+09:00 | 2009-03-03T16:37+09:00 |
| jvndb-2009-001033 | Multiple Vulnerabilities in uCosminexus Portal Framework | 2009-03-02T17:38+09:00 | 2009-03-02T17:38+09:00 |
| jvndb-2009-001032 | JP1/Cm2/Network Node Manager Denial of Service (DoS) Vulnerability | 2009-03-02T17:38+09:00 | 2009-03-02T17:38+09:00 |
| jvndb-2009-000010 | Apache Tomcat information disclosure vulnerability | 2009-02-26T15:28+09:00 | 2009-02-26T15:28+09:00 |
| jvndb-2009-001025 | Vulnerability allowing Viewing/Updating of Other Users' Information in Groupmax World Wide Web Desktop Version 6 | 2009-02-26T11:55+09:00 | 2009-02-26T11:55+09:00 |
| jvndb-2009-000009 | FAST ESP cross-site scripting vulnerability | 2009-02-17T11:55+09:00 | 2009-02-17T11:55+09:00 |
| jvndb-2009-000011 | Becky! Internet Mail buffer overflow vulnerability | 2009-02-12T17:28+09:00 | 2009-02-12T17:28+09:00 |
| jvndb-2007-000817 | Flash Player vulnerable in handling cross-domain policy files | 2008-05-21T00:00+09:00 | 2009-02-10T11:32+09:00 |
| jvndb-2009-000008 | Fulltext search CGI vulnerability allows third party to gain administrative privileges | 2009-01-28T15:25+09:00 | 2009-01-28T15:25+09:00 |
| jvndb-2009-000007 | Oracle WebLogic Server vulnerable to cross-site scripting | 2009-01-20T16:45+09:00 | 2009-01-20T16:45+09:00 |
| jvndb-2009-000006 | Cisco IOS cross-site scripting vulnerability | 2009-01-15T19:14+09:00 | 2009-01-15T19:14+09:00 |
| jvndb-2009-000005 | MODx vulnerable to SQL injection | 2009-01-09T15:54+09:00 | 2009-01-09T15:54+09:00 |
| jvndb-2009-000004 | MODx cross-site request forgery vulnerability | 2009-01-09T15:54+09:00 | 2009-01-09T15:54+09:00 |
| jvndb-2009-000003 | MODx cross-site scripting vulnerability | 2009-01-09T15:54+09:00 | 2009-01-09T15:54+09:00 |
| jvndb-2009-000001 | MyNETS cross-site scripting vulnerability | 2009-01-08T11:34+09:00 | 2009-01-08T11:34+09:00 |
| jvndb-2008-000086 | BlackJumboDog authentication bypass vulnerability | 2008-12-25T16:22+09:00 | 2008-12-25T16:22+09:00 |
| jvndb-2008-000085 | Mayaa cross-site scripting vulnerability | 2008-12-25T16:22+09:00 | 2008-12-25T16:22+09:00 |
| jvndb-2008-000083 | Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe | 2008-12-17T15:30+09:00 | 2008-12-17T15:30+09:00 |
| jvndb-2008-001911 | Groupmax Workflow - Development Kit for Active Server Pages Cross-Site Scripting Vulnerability | 2008-12-05T11:35+09:00 | 2008-12-05T11:35+09:00 |
| jvndb-2008-001910 | Groupmax Collaboration - Schedule Mis-scheduling Problem: Unintended Members Included When Reservations are Made by Secretary | 2008-12-05T11:34+09:00 | 2008-12-05T11:34+09:00 |
| jvndb-2008-000067 | Movable Type Enterprise cross-site scripting vulnerability | 2008-12-04T14:52+09:00 | 2008-12-04T14:52+09:00 |
| jvndb-2008-000079 | I-O DATA DEVICE HDL-F series cross-site request forgery vulnerability | 2008-12-02T15:50+09:00 | 2008-12-02T15:50+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0995 | Multiples vulnérabilités dans Google Android | 2023-12-05T00:00:00.000000 | 2023-12-11T00:00:00.000000 |
| certfr-2023-avi-1009 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-12-08T00:00:00.000000 | 2023-12-08T00:00:00.000000 |
| certfr-2023-avi-1008 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-12-08T00:00:00.000000 | 2023-12-08T00:00:00.000000 |
| certfr-2023-avi-1007 | Multiples vulnérabilités dans les produits IBM | 2023-12-08T00:00:00.000000 | 2023-12-08T00:00:00.000000 |
| certfr-2023-avi-1006 | Multiples vulnérabilités dans Microsoft Edge | 2023-12-08T00:00:00.000000 | 2023-12-08T00:00:00.000000 |
| certfr-2023-avi-1004 | Multiples vulnérabilités dans Nagios XI | 2023-12-07T00:00:00.000000 | 2023-12-07T00:00:00.000000 |
| certfr-2023-avi-1003 | Vulnérabilité dans WordPress | 2023-12-07T00:00:00.000000 | 2023-12-07T00:00:00.000000 |
| certfr-2023-avi-1002 | Vulnérabilité dans MISP | 2023-12-07T00:00:00.000000 | 2023-12-07T00:00:00.000000 |
| certfr-2023-avi-1001 | Vulnérabilité dans Atlassian Confluence | 2023-12-06T00:00:00.000000 | 2023-12-06T00:00:00.000000 |
| certfr-2023-avi-1000 | Multiples vulnérabilités dans Progress MOVEit Transfer | 2023-12-06T00:00:00.000000 | 2023-12-06T00:00:00.000000 |
| certfr-2023-avi-0999 | Vulnérabilité dans ElasticSearch pour Hadoop | 2023-12-06T00:00:00.000000 | 2023-12-06T00:00:00.000000 |
| certfr-2023-avi-0998 | Multiples vulnérabilités dans Google Chrome | 2023-12-06T00:00:00.000000 | 2023-12-06T00:00:00.000000 |
| certfr-2023-avi-0997 | Vulnérabilité dans SolarWinds Serv-U | 2023-12-06T00:00:00.000000 | 2023-12-06T00:00:00.000000 |
| certfr-2023-avi-0996 | Vulnérabilité dans TheGreenBow VPN Client | 2023-12-05T00:00:00.000000 | 2023-12-05T00:00:00.000000 |
| certfr-2023-avi-0994 | Multiples vulnérabilités dans SonicWall SMA | 2023-12-05T00:00:00.000000 | 2023-12-05T00:00:00.000000 |
| certfr-2023-avi-0993 | Multiples vulnérabilités dans Squid | 2023-12-04T00:00:00.000000 | 2023-12-04T00:00:00.000000 |
| certfr-2023-avi-0992 | Vulnérabilité dans SolarWinds Platform | 2023-12-01T00:00:00.000000 | 2023-12-01T00:00:00.000000 |
| certfr-2023-avi-0991 | Multiples vulnérabilités dans GitLab | 2023-12-01T00:00:00.000000 | 2023-12-01T00:00:00.000000 |
| certfr-2023-avi-0990 | Multiples vulnérabilités dans les produits IBM | 2023-12-01T00:00:00.000000 | 2023-12-01T00:00:00.000000 |
| certfr-2023-avi-0989 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-12-01T00:00:00.000000 | 2023-12-01T00:00:00.000000 |
| certfr-2023-avi-0988 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-12-01T00:00:00.000000 | 2023-12-01T00:00:00.000000 |
| certfr-2023-avi-0987 | Multiples vulnérabilités dans les produits Apple | 2023-12-01T00:00:00.000000 | 2023-12-01T00:00:00.000000 |
| certfr-2023-avi-0986 | Multiples vulnérabilités dans Tenable Nessus Network Monitor | 2023-11-30T00:00:00.000000 | 2023-11-30T00:00:00.000000 |
| certfr-2023-avi-0985 | Multiples vulnérabilités dans Microsoft Edge | 2023-11-30T00:00:00.000000 | 2023-11-30T00:00:00.000000 |
| certfr-2023-avi-0984 | Multiples vulnérabilités dans les produits Axis | 2023-11-29T00:00:00.000000 | 2023-11-30T00:00:00.000000 |
| certfr-2023-avi-0983 | Multiples vulnérabilités dans Google Chrome | 2023-11-29T00:00:00.000000 | 2023-11-29T00:00:00.000000 |
| certfr-2023-avi-0982 | Vulnérabilité dans Apache Tomcat | 2023-11-29T00:00:00.000000 | 2023-11-29T00:00:00.000000 |
| certfr-2023-avi-0981 | Vulnérabilité dans Joomla! | 2023-11-29T00:00:00.000000 | 2023-11-29T00:00:00.000000 |
| certfr-2023-avi-0980 | Multiples vulnérabilités dans les produits Spring | 2023-11-27T00:00:00.000000 | 2023-11-27T00:00:00.000000 |
| certfr-2023-avi-0979 | Vulnérabilité dans les produits NetApp | 2023-11-24T00:00:00.000000 | 2023-11-24T00:00:00.000000 |