Export limit exceeded: 346880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69363 | 2 Cyberchimps, Wordpress | 2 Responsive Addons For Elementor, Wordpress | 2026-04-24 | 6.5 Medium |
| Missing Authorization vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Addons for Elementor: from n/a through <= 2.0.8. | ||||
| CVE-2025-69364 | 2 Cloudways, Wordpress | 2 Breeze, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.2.21. | ||||
| CVE-2025-12551 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins ListingHub listinghub allows Reflected XSS.This issue affects ListingHub: from n/a through 1.2.6. | ||||
| CVE-2025-13504 | 2 E-plugins, Wordpress | 2 Real Estate Pro, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Real Estate Pro real-estate-pro allows Reflected XSS.This issue affects Real Estate Pro: from n/a through <= 2.1.4. | ||||
| CVE-2025-14358 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.5 High |
| Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects REHub Framework: from n/a through <= 19.9.5. | ||||
| CVE-2025-14360 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.5 High |
| Missing Authorization vulnerability in Kaira Blockons blockons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockons: from n/a through <= 1.2.19. | ||||
| CVE-2025-14429 | 2 Thememove, Wordpress | 2 Aeroland, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through <= 1.6.6. | ||||
| CVE-2025-14430 | 2 Thememove, Wordpress | 2 Brook, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook brook allows PHP Local File Inclusion.This issue affects Brook: from n/a through <= 2.9.0. | ||||
| CVE-2025-14431 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in THEMELOGI Navian navian allows PHP Local File Inclusion.This issue affects Navian: from n/a through <= 1.5.4. | ||||
| CVE-2025-22725 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Stored XSS.This issue affects WP Virtual Assistant: from n/a through <= 3.1. | ||||
| CVE-2025-27002 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through <= 1.5. | ||||
| CVE-2025-27004 | 2 Lambertgroup, Wordpress | 2 Famous-responsive Image And Video Grid Gallery Wordpress Plugin, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Famous - Responsive Image And Video Grid Gallery WordPress Plugin famous_grid_image_and_video_gallery allows Reflected XSS.This issue affects Famous - Responsive Image And Video Grid Gallery WordPress Plugin: from n/a through <= 1.4. | ||||
| CVE-2025-67916 | 2 Astoundify, Wordpress | 2 Jobify, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Jobify jobify allows Reflected XSS.This issue affects Jobify: from n/a through <= 4.3.0. | ||||
| CVE-2025-67918 | 2 Wofficeio, Wordpress | 2 Woffice Core, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WofficeIO Woffice woffice allows Reflected XSS.This issue affects Woffice: from n/a through <= 5.4.30. | ||||
| CVE-2025-67920 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through < 1.2. | ||||
| CVE-2025-67922 | 2 Themegoods, Wordpress | 2 Grand Restaurant, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through < 7.0.9. | ||||
| CVE-2025-67925 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zozothemes Corpkit corpkit allows PHP Local File Inclusion.This issue affects Corpkit: from n/a through <= 2.0. | ||||
| CVE-2025-67927 | 2 Spencer Haws, Wordpress | 2 Link Whisper Free, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through <= 0.8.8. | ||||
| CVE-2025-67930 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vernon Systems Limited eHive Search ehive-search allows Reflected XSS.This issue affects eHive Search: from n/a through <= 2.5.0. | ||||
| CVE-2025-67932 | 2 Purethemes, Wordpress | 2 Listeo, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes Listeo Core listeo-core allows Reflected XSS.This issue affects Listeo Core: from n/a through < 2.0.19. | ||||