Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68987 | 7.5 (v3.1) | WordPress Cinerama theme <= 2.9 - Local File Inclusion… |
Edge-Themes |
Cinerama |
2025-12-30T10:47:49.947Z | 2026-04-28T16:14:33.768Z |
| cve-2025-68993 | 5.3 (v3.1) | WordPress Share, Print and PDF Products for WooCommerc… |
XforWooCommerce |
Share, Print and PDF Products for WooCommerce |
2025-12-30T10:47:51.107Z | 2026-04-28T16:14:33.764Z |
| cve-2025-68994 | 5.3 (v3.1) | WordPress Product Loops for WooCommerce plugin <= 2.1.… |
XforWooCommerce |
Product Loops for WooCommerce |
2025-12-30T10:47:51.296Z | 2026-04-28T16:14:33.761Z |
| cve-2025-68985 | 7.5 (v3.1) | WordPress Aora theme <= 1.3.15 - Local File Inclusion … |
thembay |
Aora |
2025-12-30T10:47:49.767Z | 2026-04-28T16:14:33.567Z |
| cve-2025-68978 | 6.5 (v3.1) | WordPress DesignThemes Core plugin <= 1.6 - Cross Site… |
designthemes |
DesignThemes Core |
2025-12-30T10:47:48.485Z | 2026-04-28T16:14:33.548Z |
| cve-2025-68984 | 7.5 (v3.1) | WordPress Puca theme <= 2.6.39 - Local File Inclusion … |
thembay |
Puca |
2025-12-30T10:47:49.577Z | 2026-04-28T16:14:33.544Z |
| cve-2025-68979 | 5.3 (v3.1) | WordPress Google Calendar Events plugin <= 3.5.9 - Ins… |
SimpleCalendar |
Google Calendar Events |
2025-12-30T10:47:48.678Z | 2026-04-28T16:14:33.469Z |
| cve-2025-68980 | 5.3 (v3.1) | WordPress WeDesignTech Portfolio plugin <= 1.0.2 - Bro… |
designthemes |
WeDesignTech Portfolio |
2025-12-30T10:47:48.858Z | 2026-04-28T16:14:33.458Z |
| cve-2025-68974 | 6.6 (v3.1) | WordPress WordPress Social Login and Register plugin <… |
miniOrange |
WordPress Social Login and Register |
2025-12-30T10:47:47.632Z | 2026-04-28T16:14:33.450Z |
| cve-2025-68912 | 8.6 (v3.1) | WordPress HDForms plugin <= 1.6.1 - Arbitrary File Del… |
Harmonic Design |
HDForms |
2026-01-22T16:52:15.047Z | 2026-04-28T16:14:33.446Z |
| cve-2025-68982 | 5.3 (v3.1) | WordPress DesignThemes LMS Addon plugin <= 2.6 - Broke… |
designthemes |
DesignThemes LMS Addon |
2025-12-30T10:47:49.216Z | 2026-04-28T16:14:33.411Z |
| cve-2025-68975 | 4.3 (v3.1) | WordPress Eagle Booking plugin <= 1.3.4.3 - Insecure D… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:47.878Z | 2026-04-28T16:14:33.400Z |
| cve-2025-68976 | 5.4 (v3.1) | WordPress Eagle Booking plugin <= 1.3.4.3 - Settings C… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:48.092Z | 2026-04-28T16:14:33.395Z |
| cve-2025-68981 | 5.3 (v3.1) | WordPress HomeFix Elementor Portfolio plugin <= 1.0.1 … |
designthemes |
HomeFix Elementor Portfolio |
2025-12-30T10:47:49.035Z | 2026-04-28T16:14:33.390Z |
| cve-2025-68983 | 7.5 (v3.1) | WordPress Greenmart theme <= 4.2.11 - Local File Inclu… |
thembay |
Greenmart |
2025-12-30T10:47:49.392Z | 2026-04-28T16:14:33.386Z |
| cve-2025-68977 | 6.5 (v3.1) | WordPress DesignThemes Portfolio Addon plugin <= 1.5 -… |
designthemes |
DesignThemes Portfolio Addon |
2025-12-30T10:47:48.297Z | 2026-04-28T16:14:33.385Z |
| cve-2025-68911 | 6.5 (v3.1) | WordPress Solace theme <= 2.1.16 - Broken Access Contr… |
solacewp |
Solace |
2026-01-22T16:52:14.813Z | 2026-04-28T16:14:33.356Z |
| cve-2025-68908 | 8.1 (v3.1) | WordPress Barberry theme <= 2.9.9.87 - Local File Incl… |
temash |
Barberry |
2026-01-22T16:52:14.157Z | 2026-04-28T16:14:33.311Z |
| cve-2025-68907 | 7.5 (v3.1) | WordPress Hostme v2 theme <= 7.0 - Arbitrary File Dele… |
AivahThemes |
Hostme v2 |
2026-01-22T16:52:13.949Z | 2026-04-28T16:14:33.277Z |
| cve-2025-68890 | 7.1 (v3.1) | WordPress e-shops plugin <= 1.0.4 - Reflected Cross Si… |
hands01 |
e-shops |
2026-01-08T09:17:54.055Z | 2026-04-28T16:14:32.752Z |
| cve-2025-68892 | 7.1 (v3.1) | WordPress Scroll rss excerpt plugin <= 5.0 - Reflected… |
gopiplus@hotmail.com |
Scroll rss excerpt |
2026-01-08T09:17:54.424Z | 2026-04-28T16:14:32.721Z |
| cve-2025-68885 | 7.1 (v3.1) | WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
page-carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2026-04-28T16:14:32.692Z |
| cve-2025-68897 | 9.9 (v3.1) | WordPress IF AS Shortcode plugin <= 1.2 - Remote Code … |
Mohammad I. Okfie |
IF AS Shortcode |
2025-12-29T15:55:13.564Z | 2026-04-28T16:14:32.691Z |
| cve-2025-68893 | 4.9 (v3.1) | WordPress WordPress Image shrinker plugin <= 1.1.0 - S… |
HETWORKS |
WordPress Image shrinker |
2025-12-29T15:56:47.504Z | 2026-04-28T16:14:32.690Z |
| cve-2025-68902 | 7.5 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Download… |
AivahThemes |
Anona |
2026-01-22T16:52:12.937Z | 2026-04-28T16:14:32.689Z |
| cve-2025-68901 | 8.6 (v3.1) | WordPress Anona theme <= 8.0 - Arbitrary File Deletion… |
AivahThemes |
Anona |
2026-01-22T16:52:12.738Z | 2026-04-28T16:14:32.370Z |
| cve-2025-68882 | 7.5 (v3.1) | WordPress Scalenut plugin <= 1.1.5 - Broken Access Con… |
Scalenut |
Scalenut |
2026-01-22T16:52:11.129Z | 2026-04-28T16:14:32.333Z |
| cve-2025-68878 | 7.1 (v3.1) | WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflec… |
prasadkirpekar |
Advanced Custom CSS |
2025-12-29T16:00:20.652Z | 2026-04-28T16:14:32.167Z |
| cve-2025-68879 | 7.1 (v3.1) | WordPress Content Grid Slider plugin <= 1.5 - Reflecte… |
councilsoft |
Content Grid Slider |
2025-12-29T15:58:57.851Z | 2026-04-28T16:14:32.164Z |
| cve-2025-68870 | 7.5 (v3.1) | WordPress CookieHint WP plugin <= 1.0.0 - Local File I… |
reDim GmbH |
CookieHint WP |
2025-12-29T16:09:05.270Z | 2026-04-28T16:14:32.148Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000012 | Cross-site scripting vulnerability in multiple Tor World CGI scripts | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000011 | Internet Scanner reporting engine vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000008 | PC2M cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000007 | RaidenHTTPD cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000006 | Cross-site scripting vulnerabilities in multiple Hal Networks shopping cart products | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000005 | Multiple Yamaha routers vulnerable to cross-site request forgery | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000001 | Multiple JustSystems products vulnerable to buffer overflow | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001133 | Cosminexus Component Container Session Handling Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001092 | JP1/Cm2/Network Node Manager Arbitrary Code Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001091 | Cosminexus Application Server Incorrect Group Permission Handling Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001000 | Hitachi JP1/File Transmission Server/FTP Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000999 | Hitachi JP1/File Transmission Server/FTP Authentication Bypass Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000921 | Groupmax Collaboration Schedule Information Disclosure Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000878 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000877 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000876 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000875 | AirStation series and BroadStation series vulnerable to cross-site request forgery | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000824 | GreaseKit and Creammonkey allows execution of userscript functions | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000823 | Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000822 | WinAce buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000820 | Google Web Toolkit vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000816 | Rainboard cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000815 | Multiple Cybozu products vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000814 | Multiple Cybozu products vulnerable to HTTP header injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000813 | Multiple Cybozu products vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000812 | Cybozu Office denial of service (DoS) vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000811 | HttpLogger vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000810 | JP1/Cm2/Network Node Manager vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000809 | SonicStage CP buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000808 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0891 | Multiples vulnérabilités dans les produits Ivanti | 2023-10-26T00:00:00.000000 | 2023-10-26T00:00:00.000000 |
| certfr-2023-avi-0890 | Multiples vulnérabilités dans les produits Apple | 2023-10-26T00:00:00.000000 | 2023-10-26T00:00:00.000000 |
| certfr-2023-avi-0889 | Multiples vulnérabilités dans les produits Tenable | 2023-10-26T00:00:00.000000 | 2023-10-26T00:00:00.000000 |
| certfr-2023-avi-0888 | Multiples vulnérabilités dans ClamAV | 2023-10-26T00:00:00.000000 | 2023-10-26T00:00:00.000000 |
| certfr-2023-avi-0887 | Multiples vulnérabilités dans les produits SonicWall | 2023-10-26T00:00:00.000000 | 2023-10-26T00:00:00.000000 |
| certfr-2023-avi-0886 | Multiples vulnérabilités dans Tenable Identity Exposure | 2023-10-25T00:00:00.000000 | 2023-10-25T00:00:00.000000 |
| certfr-2023-avi-0885 | Multiples vulnérabilités dans VMware vCenter | 2023-10-25T00:00:00.000000 | 2023-10-25T00:00:00.000000 |
| certfr-2023-avi-0884 | Multiples vulnérabilités dans Aruba ClearPass Policy Manager | 2023-10-25T00:00:00.000000 | 2023-10-25T00:00:00.000000 |
| certfr-2023-avi-0883 | Multiples vulnérabilités dans Google Chrome | 2023-10-25T00:00:00.000000 | 2023-10-25T00:00:00.000000 |
| certfr-2023-avi-0882 | Vulnérabilité dans OpenSSL | 2023-10-25T00:00:00.000000 | 2023-10-25T00:00:00.000000 |
| certfr-2023-avi-0881 | Multiples vulnérabilités dans les produits Mozilla | 2023-10-25T00:00:00.000000 | 2023-10-25T00:00:00.000000 |
| certfr-2023-avi-0880 | Vulnérabilité dans les produits Liferay | 2023-10-24T00:00:00.000000 | 2023-10-24T00:00:00.000000 |
| certfr-2023-avi-0879 | Multiples vulnérabilités dans SolarWinds Access Rights Manager | 2023-10-23T00:00:00.000000 | 2023-10-24T00:00:00.000000 |
| certfr-2023-avi-0877 | Vulnérabilité dans Microsoft Edge | 2023-10-23T00:00:00.000000 | 2023-10-23T00:00:00.000000 |
| certfr-2023-avi-0876 | Multiples vulnérabilités dans Squid | 2023-10-23T00:00:00.000000 | 2023-10-23T00:00:00.000000 |
| certfr-2023-avi-0875 | Vulnérabilité dans Qnap QUSBCam2 | 2023-10-23T00:00:00.000000 | 2023-10-23T00:00:00.000000 |
| certfr-2023-avi-0873 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-10-20T00:00:00.000000 | 2023-10-23T00:00:00.000000 |
| certfr-2023-avi-0872 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-10-20T00:00:00.000000 | 2023-10-23T00:00:00.000000 |
| certfr-2023-avi-0871 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-10-20T00:00:00.000000 | 2023-10-23T00:00:00.000000 |
| certfr-2023-avi-0874 | Multiples vulnérabilités dans le noyau Linux de DebianLTS | 2023-10-20T00:00:00.000000 | 2023-10-20T00:00:00.000000 |
| certfr-2023-avi-0870 | Multiples vulnérabilités dans les produits VMware | 2023-10-20T00:00:00.000000 | 2023-10-20T00:00:00.000000 |
| certfr-2023-avi-0869 | Multiples vulnérabilités dans Zimbra Collaboration | 2023-10-19T00:00:00.000000 | 2023-10-19T00:00:00.000000 |
| certfr-2023-avi-0868 | Multiples vulnérabilités dans Apache HTTP Server | 2023-10-19T00:00:00.000000 | 2023-10-19T00:00:00.000000 |
| certfr-2023-avi-0867 | Vulnérabilité dans Spring AMQP | 2023-10-19T00:00:00.000000 | 2023-10-19T00:00:00.000000 |
| certfr-2023-avi-0866 | Multiples vulnérabilités dans Oracle Virtualization | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0865 | Multiples vulnérabilités dans Oracle Systems | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0864 | Multiples vulnérabilités dans Oracle PeopleSoft | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0863 | Multiples vulnérabilités dans Oracle MySQL | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0862 | Multiples vulnérabilités dans Oracle Java SE | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |
| certfr-2023-avi-0861 | Multiples vulnérabilités dans Oracle WebLogic | 2023-10-18T00:00:00.000000 | 2023-10-18T00:00:00.000000 |