Mstw League Manager CVEs and Security Vulnerabilities

Export limit exceeded: 346880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '’' (at char 13), (line:1, col:14)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346880 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-48105	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Boiardt Easy Flash Embed easy-flash-embed allows Stored XSS.This issue affects Easy Flash Embed: from n/a through <= 1.0.
CVE-2025-48104	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player floating-window-music-player allows Stored XSS.This issue affects Floating Window Music Player: from n/a through <= 3.4.2.
CVE-2025-48103	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mulscully Today's Date Inserter todays-date-inserter allows Stored XSS.This issue affects Today's Date Inserter: from n/a through <= 1.2.1.
CVE-2025-48102			2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gourl GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership gourl-bitcoin-payment-gateway-paid-downloads-membership allows Stored XSS.This issue affects GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership: from n/a through <= 1.6.6.
CVE-2025-48101	2 Webdevstudios, Wordpress	2 Constant Contact For Wordpress, Wordpress	2026-04-23	8.8 High
Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress constant-contact-api allows Object Injection.This issue affects Constant Contact for WordPress: from n/a through <= 4.1.1.
CVE-2025-48100			2026-04-23	9.1 Critical
Improper Control of Generation of Code ('Code Injection') vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Remote Code Inclusion.This issue affects bidorbuy Store Integrator: from n/a through <= 2.12.0.
CVE-2025-48096	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through <= 1.4.0.
CVE-2025-48088	2 Brainstormforce, Wordpress	2 Ultimate Addons For Wpbakery Page Builder, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm_Force Ultimate Addons for WPBakery Page Builder ultimate_vc_addons allows Stored XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through < 3.21.1.
CVE-2025-48087	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason C. Memberlite Shortcodes memberlite-shortcodes allows Stored XSS.This issue affects Memberlite Shortcodes: from n/a through <= 1.4.1.
CVE-2025-48081	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Path Traversal: '.../...//' vulnerability in Printeers Printeers Print & Ship invition-print-ship allows Path Traversal.This issue affects Printeers Print & Ship: from n/a through <= 1.17.0.
CVE-2025-48080			2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.2.
CVE-2025-48079	1 Metagauss	1 Profilegrid	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfileGrid : from n/a through <= 5.9.5.1.
CVE-2025-48077	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country allows Stored XSS.This issue affects Block Country: from n/a through <= 1.0.
CVE-2025-47696	2 Solwin, Wordpress	2 Blog Designer Pro, Wordpress	2026-04-23	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7.
CVE-2025-47695	1 Wordpress	1 Wordpress	2026-04-23	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7.
CVE-2025-47694	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7.
CVE-2025-47693	1 Roninwp	1 Fat Services Booking	2026-04-23	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Services Booking fat-services-booking allows PHP Local File Inclusion.This issue affects FAT Services Booking: from n/a through <= 5.5.
CVE-2025-47692	1 Contentstudio	1 Contentstudio	2026-04-23	4.3 Medium
Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through <= 1.3.5.
CVE-2025-47691			2026-04-23	5.5 Medium
Improper Control of Generation of Code ('Code Injection') vulnerability in Ultimate Member Ultimate Member ultimate-member allows Code Injection.This issue affects Ultimate Member: from n/a through <= 2.10.3.
CVE-2025-47690			2026-04-23	8.8 High
Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through <= 3.1.

« first previous Page 287 of 17344. next last »