CISA · government feed
Known Exploited Vulnerabilities
Vulnerabilities under active exploitation, mandated by CISA for federal patching.
4 total matches · showing 4
| CVE | Vendor / Product | Status | ||
|---|---|---|---|---|
| CVE-2026-41940 | WebPros cPanel & WHM and WP2 (WordPress Squared) | WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability | 2026-04-30 | Ransomware |
| CVE-2019-9978 | WordPress Social Warfare Plugin | WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability | 2021-11-03 | Active |
| CVE-2020-11738 | WordPress Snap Creek Duplicator Plugin | WordPress Snap Creek Duplicator Plugin File Download Vulnerability | 2021-11-03 | Active |
| CVE-2020-25213 | WordPress File Manager Plugin | WordPress File Manager Plugin Remote Code Execution Vulnerability | 2021-11-03 | Active |
Feedback
How was this page?
Spotted something off, or have an idea? Let us know.