• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 3,061 - 3,080 of 260,079 in total
WordPress Plugin: houzez-property-feed: CVE-2025-30793: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Published: March 29, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: wp-smushit: CVE-2025-22288: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Published: March 29, 2025 | Severity: 3
vulnerability
Explore
WordPress Plugin: cost-calculator-builder: CVE-2025-31414: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 29, 2025 | Severity: 7
vulnerability
Explore
Amazon Linux AMI 2: CVE-2025-1217: Security patch for php (ALASPHP8.2-2025-007)
Published: March 29, 2025 | Severity: 9
vulnerability
Explore
Ubuntu: USN-7400-1 (CVE-2025-1217): PHP vulnerabilities
Published: March 29, 2025 | Severity: 9
vulnerability
Explore
Red Hat: CVE-2025-1217: php: Header parser of http stream wrapper does not handle folded headers (Multiple Advisories)
Published: March 29, 2025 | Severity: 3
vulnerability
Explore
Amazon Linux 2023: CVE-2025-1217: Medium priority package update for php8.1 (Multiple Advisories)
Published: March 29, 2025 | Severity: 3
vulnerability
Explore
WordPress Plugin: quiz-maker: CVE-2025-30774: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Published: March 29, 2025 | Severity: 8
vulnerability
Explore
Oracle Linux: CVE-2025-1217: ELSA-2025-4263: php:8.1 security update (MODERATE)
Published: March 29, 2025 | Severity: 3
vulnerability
Explore
WordPress Plugin: subscribe-to-download-lite: CVE-2025-30782: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Published: March 29, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: jet-smart-filters: CVE-2025-30963: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 29, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: jet-woo-product-gallery: CVE-2025-31412: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 29, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: jet-search: CVE-2025-31043: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 29, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: jet-woo-builder: CVE-2025-31016: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Published: March 29, 2025 | Severity: 7
vulnerability
Explore
Alma Linux: CVE-2025-1217: Moderate: php:8.1 security update (ALSA-2025-4263)
Published: March 29, 2025 | Severity: 9
vulnerability
Explore
WordPress Plugin: rps-include-content: CVE-2025-31093: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 28, 2025 | Severity: 7
vulnerability
Explore
Debian: CVE-2025-31335: opensaml -- security update
Published: March 28, 2025 | Severity: 9
vulnerability
Explore
Debian: CVE-2025-30232: exim4 -- security update
Published: March 28, 2025 | Severity: 8
vulnerability
Explore
Red Hat JBossEAP: Cross-site Scripting (CVE-2025-2901)
Published: March 28, 2025 | Severity: 5
vulnerability
Explore
WordPress Plugin: leaky-paywall: CVE-2025-31083: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 28, 2025 | Severity: 7
vulnerability
Explore