Filter
-Infinity
0

Trending

Last week
Last month
Last year

PeerTubePeerTube ActivityPub Playlist Creation Blind SSRF and DoS

high
7.5
First published (updated )
CVE-2025-32948

PeerTubePeerTube ActivityPub Crawl Infinite Loop DoS

high
7.5
First published (updated )
CVE-2025-32947

SimplyRETS Real Estate IDXWordPress SimplyRETS Real Estate IDX plugin <= 3.0.3 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2025-31011

FS PosterWordPress FS Poster plugin <= 6.5.8 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2025-30962

NotFound JetPopupWordPress JetPopup <= 2.0.11 - Broken Access Control Vulnerability

high
7.5
First published (updated )
CVE-2025-26944

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

WordPress JetBlogWordPress JetBlog <= 2.4.3 - Broken Access Control Vulnerability

high
7.5
First published (updated )
CVE-2025-26958

WordPress AdministratorWordPress Administrator Z <= 2025.03.24 - Privilege Escalation Vulnerability

high
8.8
First published (updated )
CVE-2025-26959

ZooEffectWordPress ZooEffect plugin <= 1.11 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2025-26954

hockeydata LOS pluginWordPress hockeydata LOS plugin <= 1.2.4 - Local File Inclusion vulnerability

high
7.5
First published (updated )
CVE-2025-26889

WordPress Advance WP Query Search FilterWordPress Advance WP Query Search Filter plugin <= 1.0.10 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2025-26743

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

WordPress Coming Soon, Maintenance ModeWordPress Coming Soon, Maintenance Mode plugin <= 1.1.1 - Local File Inclusion vulnerability

high
7.5
First published (updated )
CVE-2025-26894

JetTricksWordPress JetTricks <= 1.5.1 - Broken Access Control Vulnerability

high
7.5
First published (updated )
CVE-2025-26942

AWEOS GmbH Email Notifications for UpdatesWordPress Email Notifications for Updates <= 1.1.6 - Privilege Escalation Vulnerability

high
8.8
First published (updated )
CVE-2025-26741

WordPress Barcode Generator for WooCommerceWordPress Barcode Generator for WooCommerce plugin <= 2.0.4 - Arbitrary Content Deletion vulnerability

high
7.5
EPSS
0.04%
First published (updated )
CVE-2025-32929

WordPress Landing Page CatWordPress Landing Page Cat plugin <= 1.7.8 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
First published (updated )
CVE-2025-26992

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

T-INNOVA DeporsiteInsecure Direct Object Reference en Deporsite de T-INNOVA

high
8.7
EPSS
0.04%
First published (updated )
CVE-2025-3575

T-INNOVA DeporsiteInsecure Direct Object Reference on Deporsite by T-INNOVA

high
8.7
EPSS
0.04%
First published (updated )
CVE-2025-3574

Firefox1 vulnerability

high
7
First published (updated )
MFSA2025-25

Race Condition

high
7
First published (updated )
CVE-2025-3608

PerfreeBlogCode Injection

high
8.8
First published (updated )
CVE-2025-29281

Thunderbird2 vulnerabilities

high
7
First published (updated )
MFSA2025-26

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can b…

high
7
First published (updated )
CVE-2025-3522

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Th…

high
7
First published (updated )
CVE-2025-2830

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Thunderbird2 vulnerabilities

high
7
First published (updated )
MFSA2025-27

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can b…

high
7
First published (updated )
CVE-2025-3522

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Th…

high
7
First published (updated )
CVE-2025-2830

AutoGPTAutoGPT allows leakage of cross-domain cookies and protected headers in requests redirect

high
8.6
First published (updated )
CVE-2025-31491

AutoGPTAutoGPT allows SSRF due to DNS Rebinding in requests wrapper

high
7.5
First published (updated )
CVE-2025-31490

SicommNet BASECXSS, HTML and Style injection on login page

high
8.7
First published (updated )
CVE-2025-22373

Pega PlatformXSS

high
7.1
First published (updated )
CVE-2025-2161

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Pega PlatformXSS

high
8.1
First published (updated )
CVE-2025-2160

veal98veal98 小牛肉 Echo 开源社区系统 uploadMdPic unrestricted upload

high
7.5
EPSS
0.03%
First published (updated )
CVE-2025-3566

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203