Trending
Vendors
microsoft
22222
google
15242
apple
14195
linux
11509
ibm
11337
oracle
10630
debian
9120
cisco
8257
adobe
6893
redhat
5657
fedoraproject
5320
red hat
5315
ubuntu
4683
canonical
4232
mozilla
3829
wordpress
3345
opensuse
3289
apache
2543
hp
2465
siemens
2386
netapp
2369
qualcomm
2170
huawei
2031
intel
1785
sun
1731
sap
1729
jenkins
1666
foxit
1580
netgear
1413
f5
1253
gnu
1232
samsung
1216
dell
1206
suse
1184
tenda
1141
gitlab
1135
fortinet
1064
d-link
1034
vmware
1010
dlink
979
trend micro
970
joomla
924
juniper
873
drupal
868
autodesk
814
foxitsoftware
797
php
780
schneider-electric
758
imagemagick
748
pdf-xchange
743
CVE-2025-26994WordPress Zigaform – Price Calculator & Cost Estimation Form Builder Lite plugin <= 7.4.2 - Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26989WordPress Zigaform – Form Builder Lite plugin <= 7.4.2 - Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26914WordPress Variable Inspector plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26984WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.8 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26988WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.7.8 - SQL Injection vulnerability
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-26967WordPress Events Calendar for GeoDirectory plugin <= 2.3.14 - PHP Object Injection vulnerability
8.8
First published (updated )
CVE-2025-26917WordPress WP Templata plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26918WordPress Small Package Quotes – Unishippers Edition plugin <= 2.4.9 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26970WordPress Ark Theme Core plugin <= 1.70.0 - Unauthenticated Remote Code Execution (RCE) vulnerability
10
First published (updated )
CVE-2025-26885WordPress Assistant Plugin <= 1.5.1 - PHP Object Injection vulnerability
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-26879WordPress s2Member Plugin <= 241216 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-27279WordPress Flashfader Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-27278WordPress AcuGIS Leaflet Maps Plugin <= 5.1.1.0 - Multiple Cross Site Scripting (XSS) vulnerabilities
7.1
First published (updated )
CVE-2025-27271WordPress DB Tables Import/Export Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-27269WordPress .htaccess Login block Plugin <= 0.9a - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-27270WordPress Residential Address Detection Plugin <= 2.5.4 - Arbitrary Option Update to Privilege Escalation vulnerability
9.8
First published (updated )
CVE-2025-27274WordPress GPX Viewer plugin <= 2.2.11 - Path Traversal vulnerability
4.9
First published (updated )
CVE-2025-27275WordPress WOO Codice Fiscale plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-27273WordPress Affiliate Links Manager Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
5.8
First published (updated )
CVE-2025-26588WordPress TTT Crop Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-26589WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-27263WordPress Doctor Appointment Booking Plugin <= 1.0.0 - SQL Injection vulnerability
8.5
First published (updated )
CVE-2025-27268WordPress Small Package Quotes – Worldwide Express Edition Plugin <= 5.2.18 - SQL Injection vulnerability
9.3
First published (updated )
CVE-2025-27264WordPress Doctor Appointment Booking Plugin <= 1.0.0 - Local File Inclusion vulnerability
7.5
First published (updated )
CVE-2025-26587WordPress sidebarTabs Plugin <= 3.1 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-26585WordPress DL Leadback Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26557WordPress ViperBar Plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26563WordPress Rocket Mobile Plugin <= 0.4.2 - Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26586WordPress Events Planner Plugin <= 1.3.10 - Reflected Cross Site Scripting (XSS) vulnerability
7.1
First published (updated )
CVE-2025-26540WordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerability
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.