Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-62039

    Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator ... Read more

    Affected Products : chatgpt_assistant
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-62038

    Insertion of Sensitive Information Into Sent Data vulnerability in Sovlix MeetingHub meetinghub allows Retrieve Embedded Sensitive Data.This issue affects MeetingHub: from n/a through <= 1.23.9.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-62037

    Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 7.1

    HIGH
    CVE-2025-62036

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2025-62035

    Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-62034

    Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-62033

    Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-62032

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through < 3.9.2.... Read more

    Affected Products : cloud_library
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-62031

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through <= 5.4.1.... Read more

    Affected Products : composer
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-62030

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through <= 5.4.1.... Read more

    Affected Products : composer
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.1

    HIGH
    CVE-2025-62029

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themesion Grevo grevo.This issue affects Grevo: from n/a through <= 2.4.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Injection

  • 4.3

    MEDIUM
    CVE-2025-62028

    Missing Authorization vulnerability in ThemeNectar Salient salient.This issue affects Salient: from n/a through < 17.4.0.... Read more

    Affected Products :
    • Published: Nov. 06, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-62027

    Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through <= 5.26.3.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-62026

    Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through <= 3.2.13.2.... Read more

    Affected Products : blockspare
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2025-62025

    Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch.This issue affects JobSearch: from n/a through < 3.0.8.... Read more

    Affected Products : jobsearch_wp_job_board
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Misconfiguration

  • 6.5

    MEDIUM
    CVE-2025-62024

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Jernigan Pie Calendar pie-calendar.This issue affects Pie Calendar: from n/a through <= 1.2.9.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-62023

    Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through <= 250905.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-62022

    Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4.... Read more

    Affected Products : buddypress
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-62021

    Missing Authorization vulnerability in Made Neat Acknowledgify acknowledgify.This issue affects Acknowledgify: from n/a through <= 1.1.3.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Authorization

  • 7.1

    HIGH
    CVE-2025-62020

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infomaniak Network VOD Infomaniak vod-infomaniak.This issue affects VOD Infomaniak: from n/a through <= 1.5.11.... Read more

    Affected Products : vod_infomaniak
    • Published: Oct. 22, 2025
    • Modified: Nov. 13, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 4115 Results