CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-30587
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in shawfactor LH OGP Meta lh-ogp-meta-tags allows Stored XSS.This issue affects LH OGP Meta: from n/a through <= 1.73.

Mar 24, 2025
CVE-2025-30586
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs ctabs allows Stored XSS.This issue affects cTabs: from n/a through <= 1.3.

Mar 24, 2025
CVE-2025-30584
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in alphaomegaplugins AlphaOmega Captcha & Anti-Spam Filter alphaomega-captcha-anti-spam allows Stored XSS.This issue affects AlphaOmega Captcha & Anti-Spam Filter: from n/a …

Mar 24, 2025
CVE-2025-30583
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in ProRankTracker Pro Rank Tracker proranktracker allows Stored XSS.This issue affects Pro Rank Tracker: from n/a through <= 1.0.0.

Mar 24, 2025
CVE-2025-30578
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in hotvanrod AdSense Privacy Policy adsense-privacy-policy allows Stored XSS.This issue affects AdSense Privacy Policy: from n/a through <= 1.1.1.

Mar 24, 2025
CVE-2025-30577
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in mendibass Browser Address Bar Color browser-address-bar-color allows Stored XSS.This issue affects Browser Address Bar Color: from n/a through <= …

Mar 24, 2025
CVE-2025-30572
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Igor Yavych Simple Rating simple-rating allows Stored XSS.This issue affects Simple Rating: from n/a through <= 1.4.

Mar 24, 2025
CVE-2025-30571
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb …

Mar 24, 2025
CVE-2025-30570
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AliRezaMohammadi دکمه، شبکه اجتماعی خرید dokme allows SQL Injection.This issue affects …

Mar 24, 2025
CVE-2025-30569
8.5 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jahertor WP Featured Entries wp-featured-entries allows SQL Injection.This issue affects WP …

Mar 24, 2025
CVE-2025-30565
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in karrikas banner-manager banner-manager allows Stored XSS.This issue affects banner-manager: from n/a through <= 16.04.19.

Mar 24, 2025
CVE-2025-30564
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in wpwox Custom Script Integration custom-script-integration allows Stored XSS.This issue affects Custom Script Integration: from n/a through <= 2.1.

Mar 24, 2025
CVE-2025-30561
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Henrique Mouta CAS Maestro cas-maestro allows Stored XSS.This issue affects CAS Maestro: from n/a through <= 1.1.3.

Mar 24, 2025
CVE-2025-30560
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through <= 3.0.

Mar 24, 2025
CVE-2025-30558
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render anac-xml-render allows Stored XSS.This issue affects ANAC XML Render: from n/a through <= 1.5.7.

Mar 24, 2025
CVE-2025-30555
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in iiiryan WordPres 同步微博 wp2wb allows Stored XSS.This issue affects WordPres 同步微博: from n/a through <= 1.1.0.

Mar 24, 2025
CVE-2025-30552
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through …

Mar 24, 2025
CVE-2025-30550
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r callphoner allows Stored XSS.This issue affects CallPhone'r: from n/a through <= 1.1.1.

Mar 24, 2025
CVE-2025-30525
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare wp-profitshare allows SQL Injection.This issue affects WP Profitshare: …

Mar 24, 2025
CVE-2025-30523
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marcel-NL Super Simple Subscriptions super-simple-subscriptions allows SQL Injection.This issue affects Super …

Mar 24, 2025
CVE-2025-30522
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design cf7-material-design allows Stored XSS.This issue affects Contact Form 7 Material Design: from …

Mar 24, 2025
CVE-2025-0835
7.8 HIGH

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.

Mar 24, 2025
CVE-2025-0478
7.8 HIGH

Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under …

Mar 24, 2025
CVE-2025-2684
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Bank Locker Management System 1.0. This issue affects some unknown processing of the …

Mar 24, 2025
CVE-2025-2683
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Bank Locker Management System 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation …

Mar 24, 2025
CVE-2025-2682
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /edit-subadmin.php?said=3. The …

Mar 24, 2025
CVE-2025-2681
7.3 HIGH

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

Mar 24, 2025
CVE-2025-2680
7.3 HIGH

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality …

Mar 24, 2025
CVE-2025-2679
7.3 HIGH

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been classified as critical. Affected is an unknown function of the file …

Mar 24, 2025
CVE-2025-2678
7.3 HIGH

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /changeimage1.php. …

Mar 24, 2025
CVE-2025-2677
7.3 HIGH

A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeidproof.php. …

Mar 24, 2025
CVE-2025-2676
7.3 HIGH

A vulnerability, which was classified as critical, was found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /add-subadmin.php. …

Mar 24, 2025
CVE-2025-2675
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Bank Locker Management System 1.0. Affected by this issue is some unknown functionality …

Mar 24, 2025
CVE-2025-2674
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Bank Locker Management System 1.0. Affected by this vulnerability is an unknown functionality of the file …

Mar 24, 2025
CVE-2025-2665
7.3 HIGH

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been classified as critical. This affects an unknown part of the …

Mar 23, 2025
CVE-2025-2663
7.3 HIGH

A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of …

Mar 23, 2025
CVE-2025-2661
7.3 HIGH

A vulnerability was found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file …

Mar 23, 2025
CVE-2025-2660
7.3 HIGH

A vulnerability has been found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file …

Mar 23, 2025
CVE-2025-2659
7.3 HIGH

A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file …

Mar 23, 2025
CVE-2025-2658
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown …

Mar 23, 2025
CVE-2025-2657
7.3 HIGH

A vulnerability classified as critical was found in projectworlds Apartment Visitors Management System 1.0. Affected by this vulnerability is an unknown functionality of the file …

Mar 23, 2025
CVE-2025-2656
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/login.php. The manipulation …

Mar 23, 2025
CVE-2025-2655
7.3 HIGH

A vulnerability was detected in SourceCodester AC Repair and Services System 1.0. The affected element is the function save_users/delete_users of the file /classes/Users.php. Performing manipulation …

Mar 23, 2025
CVE-2025-29795
7.8 HIGH

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.

Mar 23, 2025
CVE-2025-2654
7.3 HIGH

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the …

Mar 23, 2025
CVE-2025-2691
8.2 HIGH

Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname that resolves to a …

Mar 23, 2025
CVE-2025-27553
7.5 HIGH

Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. …

Mar 23, 2025
CVE-2025-2649
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Doctor Appointment Management System 1.0. This vulnerability affects unknown code of the file /check-appointment.php. The manipulation …

Mar 23, 2025
CVE-2025-2648
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.0. This affects an unknown part of the file /admin/view-enquiry-detail.php. The …

Mar 23, 2025
CVE-2025-2647
7.3 HIGH

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

Mar 23, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.