CVE Lookup

Search Common Vulnerabilities and Exposures (CVE) by number.

Latest CVEs


PublishedCVETitleDomains
Jun 13, 2025CVE-2025-5123Contact Us Page – Contact People <= 3.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via style Parameter107
Jun 13, 2025CVE-2025-5282WP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion2,038
Jun 11, 2025CVE-2025-5395WordPress Automatic Plugin - AI content generator and auto poster plugin <= 3.115.0 - Authenticated (Author+) Arbitrary File Upload156
Jun 11, 2025CVE-2025-4128Mattermost Guest User Information Disclosure Vulnerability135
Jun 11, 2025CVE-2025-3302Xagio SEO <= 7.1.0.16 - Unauthenticated Stored Cross-Site Scripting via 'HTTP_REFERER'1,700
Jun 11, 2025CVE-2025-5144The Events Calendar <= 6.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting101,135
Jun 11, 2025CVE-2025-4573LDAP Injection in Mattermost Enterprise Edition When Using Active Directory223
Jun 11, 2025CVE-2025-4315CubeWP – All-in-One Dynamic Content Framework <= 1.1.23 - Authenticated (Subscriber+) Privilege Escalation494
Jun 10, 2025CVE-2025-49510WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerability155
Jun 10, 2025CVE-2024-37396A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows a...165
See complete list of latest CVEs

List of the most common Common Vulnerabilities and Exposures (CVEs)


PublishedCVETitleDomains
Apr 29, 2020CVE-2020-11023Potential XSS vulnerability in jQuery8,353,176
Apr 29, 2020CVE-2020-11022Potential XSS vulnerability in jQuery8,345,449
Apr 19, 2019CVE-2019-11358jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(t...8,053,479
Jan 19, 2018CVE-2015-9251jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax req...7,100,202
Jun 9, 2024CVE-2024-5458Filter bypass in filter_var (FILTER_VALIDATE_URL)3,167,098
Apr 16, 2025CVE-2025-3247Contact Form 7 <= 6.0.5 - Order Replay Vulnerability3,107,340
Apr 5, 2024CVE-2023-5692WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6....2,808,000
Apr 4, 2024CVE-2024-31210PHP file upload bypass via Plugin installer2,771,648
Dec 7, 2018CVE-2018-19935ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of ser...2,647,617
Jan 5, 2023CVE-2023-22622WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and th...2,213,097
See complete CVE list