Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6191 matches found

CVE
CVEadded 2025/09/06 4:22 a.m.20 views

CVE-2025-6757

CVE-2025-6757 – Recent Posts Widget Extended (WordPress) The vulnerability is in the Recent Posts Widget Extended plugin for WordPress, affecting versions up to and including 2.0.2. It is a Stored Cross-Site Scripting (XSS) flaw in the plugin’s rpwe shortcode caused by insufficient input sanitiza...

6.4CVSS4.7AI score0.00223EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/09/06 4:22 a.m.8 views

CVE-2025-6757 Recent Posts Widget Extended <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via rpwe Shortcode

The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00223EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/09/06 4:22 a.m.3 views

CVE-2025-6757 Recent Posts Widget Extended <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via rpwe Shortcode

The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.7AI score0.00223EPSS
Exploits0References4
NVD
NVDadded 2025/09/06 2:15 a.m.28 views

CVE-2025-7368

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

5.3CVSS0.00255EPSS
Exploits0References2
CVE
CVEadded 2025/09/06 1:45 a.m.18 views

CVE-2025-7368

CVE-2025-7368 — REHub WordPress Theme: Unauthenticated information exposure in REHub up to version 19.9.7 due to insufficient restrictions in the ajax_action_re_getfullcontent path, allowing access to password-protected post data. Affected: REHub Theme for WordPress (versions ≤ 19.9.7). Root caus...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/06 1:45 a.m.4 views

CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/09/06 1:45 a.m.29 views

CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

5.3CVSS0.00255EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/09/06 12:0 a.m.4 views

WordPress plugin Recent Posts Widget Extended Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.7AI score0.00223EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2025/09/06 12:0 a.m.5 views

PT-2025-36348

Name of the Vulnerable Software and Affected Versions: REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme versions prior to 19.9.8 Description: The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme for WordPress is susceptible to information exposure due to...

5.3CVSS6.1AI score0.00255EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2025/09/06 12:0 a.m.7 views

PT-2025-36364

Name of the Vulnerable Software and Affected Versions: Recent Posts Widget Extended plugin for WordPress versions up to and including 2.0.2 Description: The Recent Posts Widget Extended plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s rpwe shortcode...

6.4CVSS5AI score0.00223EPSS
Exploits0References9
Patchstack
Patchstackadded 2025/09/05 11:49 p.m.5 views

WordPress Rehub theme <= 19.9.7 - Unauthenticated Password Protected Post Disclosure vulnerability

Unauthenticated Password Protected Post Disclosure vulnerability discovered by stealthcopter in WordPress Theme Rehub versions = 19.9.7...

5.3CVSS7AI score0.00255EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/09/05 3:22 p.m.4 views

CVE-2025-58613

Missing Authorization vulnerability in Barn2 Plugins Posts Table with Search & Sort posts-data-table allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Table with Search & Sort: from n/a through = 1.4.10...

5.3CVSS5.9AI score0.0027EPSS
Exploits0References1
Circl
Circladded 2025/09/05 1:24 a.m.9 views

CVE-2025-54914

creationtimestamp| type| source ---|---|--- 2025-09-05 01:24:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2itfe2rk2z 2025-09-05 01:31:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2ja3udi22l 2025-09-05 06:27:25+00:00| seen|...

10CVSS6AI score0.02241EPSS
Exploits2References9
Circl
Circladded 2025/09/04 9:58 a.m.5 views

CVE-2025-9300

creationtimestamp| type| source ---|---|--- 2025-09-04 09:58:57+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lxyv4h6xe22g 2025-09-04 10:14:36+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lxyvyg6zrk2g 2025-09-05 22:01:48+00:00| seen|...

7.8CVSS4.8AI score0.00225EPSS
Exploits1References3
NVD
NVDadded 2025/09/03 3:15 p.m.11 views

CVE-2025-58613

Missing Authorization vulnerability in Barn2 Plugins Posts Table with Search & Sort posts-data-table allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Table with Search & Sort: from n/a through = 1.4.10...

5.3CVSS0.0027EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/09/03 3:8 p.m.7 views

WordPress Posts Table with Search & Sort Plugin <= 1.4.10 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bao - BlueRock in WordPress Plugin Posts Table with Search & Sort versions = 1.4.10...

5.3CVSS6.8AI score0.0027EPSS
Exploits0Affected Software1
Circl
Circladded 2025/09/03 2:52 p.m.3 views

CVE-2025-58057

creationtimestamp| type| source ---|---|--- 2025-09-03 14:52:18+00:00| published-proof-of-concept| https://github.com/netty/netty/security/advisories/GHSA-3p8m-j85q-pgmj 2025-10-13 02:31:27+00:00| seen| https://bsky.app/profile/gcpweekly.bsky.social/post/3m326cb6fsl26 2025-10-13 02:31:30+00:00|...

7.5CVSS6.4AI score0.00561EPSS
Exploits1References11
CVE
CVEadded 2025/09/03 2:36 p.m.13 views

CVE-2025-58613

CVE-2025-58613 concerns a Missing Authorization/Broken Access Control flaw in the WordPress plugin “Posts Table with Search & Sort” (Barn2 Plugins). The vulnerability affects versions up to 1.4.10 and is driven by incorrectly configured access control security levels, enabling unauthorized access...

5.3CVSS5.9AI score0.0027EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/03 2:36 p.m.23 views

CVE-2025-58613 WordPress Posts Table with Search & Sort Plugin <= 1.4.10 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Barn2 Plugins Posts Table with Search & Sort posts-data-table allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Table with Search & Sort: from n/a through = 1.4.10...

5.3CVSS0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/03 2:36 p.m.4 views

CVE-2025-58613 WordPress Posts Table with Search & Sort Plugin <= 1.4.10 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Barn2 Plugins Posts Table with Search & Sort posts-data-table allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Table with Search & Sort: from n/a through = 1.4.10...

5.3CVSS5.9AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder