Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11909 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-31065 1 Wordpress 1 Wordpress 2026-04-15 5.3 Medium
Missing Authorization vulnerability in themeton Rozario allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rozario: from n/a through 1.4.
CVE-2025-31378 1 Wordpress 1 Wordpress 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danbwb Oppso Unit Converter oppso-unit-converter allows Reflected XSS.This issue affects Oppso Unit Converter: from n/a through <= 1.1.1.
CVE-2025-31379 1 Wordpress 1 Wordpress 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in programphases Insert HTML Here insert-html-here allows Reflected XSS.This issue affects Insert HTML Here: from n/a through <= 1.0.
CVE-2025-31417 2 Fahad Mahmood, Wordpress 2 Wp Docs, Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through < 2.2.7.
CVE-2025-31418 1 Wordpress 1 Wordpress 2026-04-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6.
CVE-2025-31420 1 Wordpress 1 Wordpress 2026-04-15 N/A
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation.This issue affects wpForo Forum: from n/a through <= 2.4.2.
CVE-2025-31421 1 Wordpress 1 Wordpress 2026-04-15 N/A
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin srbtranslatin allows Retrieve Embedded Sensitive Data.This issue affects Srbtranslatin: from n/a through <= 3.2.0.
CVE-2025-31463 1 Wordpress 1 Wordpress 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in preetindersodhi TGG WP Optimizer tgg-wp-optimizer allows Stored XSS.This issue affects TGG WP Optimizer: from n/a through <= 1.25.
CVE-2025-31467 1 Wordpress 1 Wordpress 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in miro.mannino Flickr Photostream flickr-photostream allows Reflected XSS.This issue affects Flickr Photostream: from n/a through <= 3.1.8.
CVE-2025-31540 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in acmemediakits ACME Divi Modules acme-divi-modules allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ACME Divi Modules: from n/a through <= 1.3.5.
CVE-2025-31596 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through <= 2.1.3.
CVE-2025-31607 1 Wordpress 1 Wordpress 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flomei Simple-Audioplayer simple-audioplayer allows Stored XSS.This issue affects Simple-Audioplayer: from n/a through <= 1.1.
CVE-2025-31639 1 Wordpress 1 Wordpress 2026-04-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request Forgery. This issue affects Spare: from n/a through 1.7.
CVE-2025-31641 1 Wordpress 1 Wordpress 2026-04-15 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup UberSlider uber-classic allows SQL Injection.This issue affects UberSlider: from n/a through < 2.6.
CVE-2025-31752 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in termel Bulk Fields Editor bulk-user-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Fields Editor: from n/a through <= 1.8.0.
CVE-2025-31753 1 Wordpress 1 Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Animesh Kumar Advanced Speed Increaser advanced-speed-increaser.This issue affects Advanced Speed Increaser: from n/a through <= 2.2.1.
CVE-2025-31782 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in pupunzi mb.YTPlayer wpmbytplayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects mb.YTPlayer: from n/a through <= 3.3.8.
CVE-2025-31784 1 Wordpress 1 Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Rudy Susanto Embed Extended embed-extended allows Cross Site Request Forgery.This issue affects Embed Extended: from n/a through <= 1.4.0.
CVE-2025-31830 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in Uriahs Victor Printus printus-cloud-printing-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Printus: from n/a through <= 1.2.6.
CVE-2025-31831 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through <= 1.1.7.