CVE Database

37604+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-28948
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in codedraft Mediabay - WordPress Media Library Folders allows Reflected XSS. This issue affects Mediabay - WordPress Media Library Folders: …

Jun 6, 2025
CVE-2025-26590
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nir Complete Google Seo Scan complete-google-seo-scan allows SQL Injection.This issue affects …

Jun 6, 2025
CVE-2023-26003
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector allows SQL Injection. This issue affects …

Jun 6, 2025
CVE-2023-25995
7.5 HIGH

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator allows PHP Local File Inclusion. …

Jun 6, 2025
CVE-2025-48329
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows Reflected XSS.This issue …

Jun 6, 2025
CVE-2025-47584
8.5 HIGH

Deserialization of Untrusted Data vulnerability in ThemeGoods Photography.This issue affects Photography: from n/a through 7.5.2.

Jun 6, 2025
CVE-2025-39358
8.8 HIGH

Deserialization of Untrusted Data vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Object Injection.This issue affects WP Posts Carousel: from n/a through <= 1.3.12.

Jun 6, 2025
CVE-2025-5759
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown code of the file /admin/edit-person-detail.php?editid=2. …

Jun 6, 2025
CVE-2025-5758
7.3 HIGH

A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. …

Jun 6, 2025
CVE-2025-5756
7.3 HIGH

A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown …

Jun 6, 2025
CVE-2025-5755
7.3 HIGH

A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the …

Jun 6, 2025
CVE-2025-5192
7.5 HIGH

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers …

Jun 6, 2025
CVE-2025-48784
7.5 HIGH

A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.

Jun 6, 2025
CVE-2025-48783
7.5 HIGH

An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 …

Jun 6, 2025
CVE-2025-48781
7.5 HIGH

An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 …

Jun 6, 2025
CVE-2025-5739
8.8 HIGH

A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formSaveConfig of the component HTTP …

Jun 6, 2025
CVE-2025-5738
8.8 HIGH

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file …

Jun 6, 2025
CVE-2025-5737
8.8 HIGH

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file …

Jun 6, 2025
CVE-2025-5736
8.8 HIGH

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formNtp of the …

Jun 6, 2025
CVE-2025-5735
8.8 HIGH

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formSetLg of the component …

Jun 6, 2025
CVE-2025-5734
8.8 HIGH

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component …

Jun 6, 2025
CVE-2025-5018
7.1 HIGH

The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hs_update_ai_chat_settings() and …

Jun 6, 2025
CVE-2025-48911
8.2 HIGH

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability.

Jun 6, 2025
CVE-2025-48909
7.1 HIGH

Bypass vulnerability in the device management channel Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Jun 6, 2025
CVE-2025-48906
8.8 HIGH

Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability.

Jun 6, 2025
CVE-2025-48905
8.1 HIGH

Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.

Jun 6, 2025
CVE-2025-48903
7.8 HIGH

Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability.

Jun 6, 2025
CVE-2023-2921
8.8 HIGH

The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter before using it in SQL statement, leading to a SQL …

Jun 6, 2025
CVE-2025-5716
7.3 HIGH

A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. …

Jun 6, 2025
CVE-2025-5712
7.3 HIGH

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality …

Jun 6, 2025
CVE-2025-5711
7.3 HIGH

A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file …

Jun 6, 2025
CVE-2025-5710
7.3 HIGH

A vulnerability, which was classified as critical, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of …

Jun 6, 2025
CVE-2025-5709
7.3 HIGH

A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. This vulnerability affects unknown code of the file /Admin/InsertCategory.php. The …

Jun 6, 2025
CVE-2025-5708
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /Admin/NewsReport.php. …

Jun 6, 2025
CVE-2025-5707
7.3 HIGH

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown …

Jun 6, 2025
CVE-2025-5706
7.3 HIGH

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown …

Jun 6, 2025
CVE-2025-5705
7.3 HIGH

A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the …

Jun 6, 2025
CVE-2025-5704
7.3 HIGH

A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file …

Jun 5, 2025
CVE-2025-5685
8.8 HIGH

A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of …

Jun 5, 2025
CVE-2025-43026
7.8 HIGH

A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker …

Jun 5, 2025
CVE-2025-5677
7.3 HIGH

A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the …

Jun 5, 2025
CVE-2025-5676
7.3 HIGH

A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file …

Jun 5, 2025
CVE-2025-5675
7.3 HIGH

A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been classified as critical. This affects an unknown part of the …

Jun 5, 2025
CVE-2025-5672
8.8 HIGH

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of …

Jun 5, 2025
CVE-2025-5671
8.8 HIGH

A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw …

Jun 5, 2025
CVE-2025-5667
7.3 HIGH

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the …

Jun 5, 2025
CVE-2025-5666
7.3 HIGH

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the …

Jun 5, 2025
CVE-2025-5665
7.3 HIGH

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component XCWD Command …

Jun 5, 2025
CVE-2025-5664
7.3 HIGH

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. …

Jun 5, 2025
CVE-2025-5663
7.3 HIGH

A vulnerability has been found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file …

Jun 5, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.