CVE Lookup

Search Common Vulnerabilities and Exposures (CVE) by number.

Latest CVEs


PublishedCVETitleDomains
Apr 13, 2026CVE-2025-15441Form Maker < 1.15.38 - SQL Injection4,975
Apr 11, 2026CVE-2026-4895Greenshift <= 12.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via disablelazy Attribute1,285
Apr 11, 2026CVE-2026-4979UsersWP <= 1.2.58 - Authenticated (Subscriber+) Server-Side Request Forgery via 'uwp_crop' Parameter3,221
Apr 11, 2026CVE-2026-3498BlockArt Blocks <= 2.2.15 - Authenticated (Author+) Stored Cross-Site Scripting via 'clientId' Block Attribute364
Apr 11, 2026CVE-2026-3358Tutor LMS <= 3.9.7 - Missing Authorization to Authenticated (Subscriber+) Unauthorized Private Course Enrollment8,493
Apr 11, 2026CVE-2026-3371Tutor LMS <= 3.9.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Course Content Modification8,493
Apr 11, 2026CVE-2026-5207LifterLMS <= 9.2.1 - Authenticated (Custom+) SQL Injection via 'order' Parameter1,829
Apr 11, 2026CVE-2026-5809wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter4,618
Apr 10, 2026CVE-2026-4351Perfmatters <= 2.5.9 - Authenticated (Subscriber+) Arbitrary File Overwrite via 'snippets' Parameter17,092
Apr 10, 2026CVE-2026-3360Tutor LMS <= 3.9.7 - Missing Authorization to Unauthenticated Arbitrary Billing Profile Overwrite via 'order_id' Parameter8,493
See complete list of latest CVEs

List of the most common Common Vulnerabilities and Exposures (CVEs)


PublishedCVETitleDomains
Apr 29, 2020CVE-2020-11023Potential XSS vulnerability in jQuery7,099,257
Apr 19, 2019CVE-2019-11358jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(t...6,831,931
Jan 18, 2018CVE-2015-9251jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax req...6,012,414
Mar 22, 2026CVE-2026-3427Yoast SEO <= 27.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute3,738,996
Apr 29, 2020CVE-2020-11022jQuery has a potential XSS vulnerability3,491,397
Mar 24, 2026CVE-2026-27651NGINX ngx_mail_auth_http_module vulnerability3,104,928
Mar 24, 2026CVE-2026-28753NGINX ngx_mail_proxy_module vulnerability3,104,753
Mar 24, 2026CVE-2026-27784NGINX ngx_http_mp4_module vulnerability3,092,114
Mar 24, 2026CVE-2026-32647NGINX ngx_http_mp4_module vulnerability3,092,114
Feb 4, 2026CVE-2026-1642NGINX vulnerability3,059,707
See complete CVE list