CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

112 matches found

Nuclei•added 12 hours ago•33 views

WordPress JNews Theme <8.0.6 - Cross-Site Scripting

WordPress JNews theme before 8.0.6 contains a reflected cross-site scripting vulnerability. It does not sanitize the catid parameter in the POST request /?ajax-request=jnews with action=jnewsbuildmegacategory. id: CVE-2021-24342 info: name: WordPress JNews Theme =8.0.6 to mitigate the XSS...

6.1CVSS6.1AI score0.02284EPSS

Exploits2References4

RedhatCVE•added 2026/01/23 9:16 p.m.•3 views

CVE-2025-68905

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:16 p.m.•4 views

CVE-2025-68906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•2 views

CVE-2025-68904

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through = 11.0.0...

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•1 views

CVE-2025-68904

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through = 11.0.0...

7.1CVSS0.00064EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•1 views

CVE-2025-68905

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

7.5CVSS0.0022EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•1 views

CVE-2025-68906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

7.1CVSS0.00064EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-68905 WordPress JNews - Pay Writer plugin <= 11.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

7.5CVSS5.9AI score0.0022EPSS

Exploits0References1

Cvelist•added 2026/01/22 4:52 p.m.•17 views

CVE-2025-68906 WordPress JNews - Video plugin <= 11.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

7.1CVSS0.00064EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

7.1CVSS5.3AI score0.00064EPSS

Exploits0References2

CVE•added 2026/01/22 4:52 p.m.•8 views

CVE-2025-68904

CVE-2025-68904 is a reflected XSS in jegtheme JNews - Frontend Submit. Public details from PT-2026-4106 confirm the flaw exists in versions up to and including 11.0.0, caused by improper neutralization of input during web page generation in the jnews-frontend-submit component. The issue is exploi...

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

Cvelist•added 2026/01/22 4:52 p.m.•14 views

CVE-2025-68905 WordPress JNews - Pay Writer plugin <= 11.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

7.5CVSS0.0022EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•5 views

CVE-2025-68906

CVE-2025-68906 – JNews - Video (Jegtheme JNews - Video) Reflected XSS . The flaw is an improper neutralization of input during web page generation, enabling Reflected Cross-Site Scripting for the plugin up to version 11.0.2. Affected software: jegtheme JNews - Video; affected range: from n/a thro...

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68905

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

7.5CVSS5.4AI score0.0022EPSS

Exploits0References2

Cvelist•added 2026/01/22 4:52 p.m.•14 views

CVE-2025-68904 WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through = 11.0.0...

7.1CVSS0.00064EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-68904 WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through = 11.0.0...

7.1CVSS5.9AI score0.00064EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•7 views

CVE-2025-68905

CVE-2025-68905 is a Local File Inclusion vulnerability in the WordPress plugin JNews - Pay Writer (jegtheme JNews - Pay Writer) affecting versions up to and including 11.0.0. The issue arises from improper control of filenames used in PHP include/require statements, enabling an attacker to includ...

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-68904

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through = 11.0.0...

7.1CVSS5.3AI score0.00064EPSS

Exploits0References2

Vulnrichment•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68906 WordPress JNews - Video plugin <= 11.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

7.1CVSS5.9AI score0.00064EPSS

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•4 views

PT-2026-4108

Name of the Vulnerable Software and Affected Versions jegtheme JNews - Video versions through 11.0.2 Description The software contains a flaw due to improper neutralization of input during web page generation, specifically a Reflected Cross-Site Scripting XSS issue. This impacts the jnews-video...

5.3AI score0.00064EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by