CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (46110 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-22793			2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bold Bold pagos en linea bold-pagos-en-linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through <= 3.1.4.
CVE-2025-22353			2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bvads BVD Easy Gallery Manager bvd-easy-gallery-manager allows Reflected XSS.This issue affects BVD Easy Gallery Manager: from n/a through <= 1.0.6.
CVE-2025-23429			2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in altima-interactive Altima Lookbook Free for WooCommerce altima-lookbook-free-for-woocommerce allows Reflected XSS.This issue affects Altima Lookbook Free for WooCommerce: from n/a through <= 1.1.0.
CVE-2025-23432	1 Wordpress	1 Wordpress	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlTi5 AlT Report alt-report allows Reflected XSS.This issue affects AlT Report: from n/a through <= 1.12.0.
CVE-2025-22711	1 Wordpress	1 Wordpress	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Maier Image Source Control image-source-control-isc allows Reflected XSS.This issue affects Image Source Control: from n/a through <= 2.29.0.
CVE-2025-22295			2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tripetto WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto tripetto allows Stored XSS.This issue affects WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto: from n/a through <= 8.0.6.
CVE-2024-49316	1 Wordpress	1 Wordpress	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zodiac Akismet htaccess writer akismet-htaccess-writer allows Reflected XSS.This issue affects Akismet htaccess writer: from n/a through <= 1.0.1.
CVE-2024-49248			2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spacetime Ad Inserter ad-inserter allows Reflected XSS.This issue affects Ad Inserter: from n/a through <= 2.7.37.
CVE-2024-49239	1 Nikhilvaghela	1 Add Categories Post Footer	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nikhilvaghela Add Categories Post Footer add-categories-post-footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through <= 2.2.2.
CVE-2024-49238	1 Dh9sb.dx-info	1 Adif Log Search Widget	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in emka73 ADIF Log Search Widget adif-log-search-widget allows Reflected XSS.This issue affects ADIF Log Search Widget: from n/a through <= 1.0f.
CVE-2024-49240	1 Agustinberasategui	1 Ab Categories Search Widget	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajberasategui AB Categories Search Widget ab-categories-search-widget allows Reflected XSS.This issue affects AB Categories Search Widget : from n/a through <= 0.2.5.
CVE-2024-49230	1 Harpreetsingh	1 Ajax Custom Css\/js	2026-04-29	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harry005 Ajax Custom CSS/JS ajax-awesome-css allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through <= 2.0.4.
CVE-2024-49224	1 Maheshpatel	1 Mitm Bug Tracker	2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mahesh_9696 Mitm Bug Tracker mitm-bug-tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through <= 1.0.
CVE-2023-49158			2026-04-29	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Binh Nguyen LadiApp ladipage allows Stored XSS.This issue affects LadiApp: from n/a through <= 4.4.
CVE-2023-47759	1 Premio	1 Chaty	2026-04-29	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Premio Chaty chaty allows DOM-Based XSS.This issue affects Chaty: from n/a through <= 3.1.2.
CVE-2023-47190	1 Apollo13themes	1 Apollo13 Framework Extensions	2026-04-29	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin <= 1.9.0 versions.
CVE-2023-47185	1 Gvectors	1 Wpdiscuz	2026-04-29	7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
CVE-2023-46626	1 Flowfact	1 Flowfact	2026-04-29	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FLOWFACT WP Connector plugin <= 2.1.7 versions.
CVE-2023-46640	1 Drelton	1 Medialist	2026-04-29	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <= 1.3.9 versions.
CVE-2023-46783	1 Brightplugins	1 Pre-orders For Woocommerce	2026-04-29	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin <= 1.2.13 versions.

« first previous Page 30 of 2306. next last »