CVEs and Security Vulnerabilities

Export limit exceeded: 44779 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44779 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-63027	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webcreations907 WBC907 Core wbc907-core allows Stored XSS.This issue affects WBC907 Core: from n/a through <= 3.4.1.
CVE-2025-63021	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetipi Valenti Engine valenti-engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through <= 1.0.3.
CVE-2025-63020	2 Wayne Allen, Wordpress	2 Postie, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through <= 1.9.73.
CVE-2025-63005	2 Tooltips, Wordpress	2 Wordpress Tooltips, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas WordPress Tooltips wordpress-tooltips allows Stored XSS.This issue affects WordPress Tooltips: from n/a through <= 10.9.3.
CVE-2025-63000	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpforchurch Sermon Manager sermon-manager-for-wordpress allows Stored XSS.This issue affects Sermon Manager: from n/a through <= 2.30.0.
CVE-2025-62991	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Minamaze minamaze allows Stored XSS.This issue affects Minamaze: from n/a through <= 1.10.1.
CVE-2025-62990	2 Livemesh, Wordpress	2 Livemesh Addons For Beaver Builder, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through <= 3.9.2.
CVE-2025-62989	2 Boxystudio, Wordpress	2 Cooked, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gora Tech Cooked cooked allows Stored XSS.This issue affects Cooked: from n/a through <= 1.11.3.
CVE-2025-62926	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyDevs TempTool [Show Current Template Info] current-template-name allows Stored XSS.This issue affects TempTool [Show Current Template Info]: from n/a through <= 1.3.1.
CVE-2025-62901	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tormorten WP Microdata wp-microdata allows Stored XSS.This issue affects WP Microdata: from n/a through <= 1.0.
CVE-2025-62761	2 Basepress, Wordpress	2 Knowledge Base Documentation & Wiki Plugin, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress basepress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through <= 2.17.0.1.
CVE-2025-62760	2 Buddypress, Wordpress	2 Buddypress, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BuddyDev BuddyPress Activity Shortcode bp-activity-shortcode allows Stored XSS.This issue affects BuddyPress Activity Shortcode: from n/a through <= 1.1.8.
CVE-2025-62759	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through <= 2.0.1.
CVE-2025-62758	2 Funnelforms, Wordpress	2 Funnelforms Free, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Funnelforms Funnelforms Free funnelforms-free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through <= 3.8.
CVE-2025-62757	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebMan Design \| Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through <= 1.5.12.
CVE-2025-62756	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through <= 10.0.9.
CVE-2025-62752	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through <= 1.0.13.
CVE-2025-62750	2 Filipe Seabra, Wordpress	2 Woocommerce Parcelas, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Filipe Seabra WooCommerce Parcelas woocommerce-parcelas allows DOM-Based XSS.This issue affects WooCommerce Parcelas: from n/a through <= 1.3.5.
CVE-2025-62749	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bainternet User Specific Content user-specific-content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through <= 1.0.6.
CVE-2025-62748	3 Genetech Products, Woocommerce, Wordpress	3 Web And Woocommerce Addons For Wpbakery Builder, Woocommerce, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through <= 1.5.

« first previous Page 12 of 2239. next last »