Proc\ CVEs and Security Vulnerabilities

Export limit exceeded: 347380 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 35), (line:1, col:36)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347380 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-60143	2 Netgsm, Wordpress	2 Netgsm, Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in netgsm Netgsm netgsm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Netgsm: from n/a through <= 2.9.69.
CVE-2025-60130	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in wedos.com WEDOS Global wgpwpp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WEDOS Global: from n/a through <= 1.2.2.
CVE-2025-60084	3 Add-ons.org, Elementor, Wordpress	3 Pdf-for-elementor-forms, Elementor, Wordpress	2026-04-28	8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0.
CVE-2025-60078	1 Wordpress	1 Wordpress	2026-04-28	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Agence web Eoxia – Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through <= 3.0.2.
CVE-2025-59590	2 Davidlingren, Wordpress	2 Media Library Assistant, Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through <= 3.28.
CVE-2025-58982	2 Pixeline, Wordpress	2 Email Protector, Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixeline Pixeline's Email Protector pixelines-email-protector allows Stored XSS.This issue affects Pixeline's Email Protector: from n/a through <= 1.3.8.
CVE-2025-58965	2 Agency Dominion, Wordpress	2 Fusion Page Builder, Wordpress	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agency Dominion Inc. Fusion Page Builder : Extension – Gallery fusion-extension-gallery allows Stored XSS.This issue affects Fusion Page Builder : Extension – Gallery: from n/a through <= 1.7.6.
CVE-2025-58887			2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Course Finder \| andré martin - it solutions & research UG Course Booking Platform course-booking-platform allows Stored XSS.This issue affects Course Booking Platform: from n/a through <= 1.0.0.
CVE-2025-58825	1 Wordpress	1 Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Habibur Rahman Comment Form WP – Customize Default Comment Form comment-form-wp allows Stored XSS.This issue affects Comment Form WP – Customize Default Comment Form: from n/a through <= 2.0.1.
CVE-2025-58800			2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through <= 2.8.5.
CVE-2025-58794			2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Cross Site Request Forgery.This issue affects Notification for Telegram: from n/a through <= 3.5.
CVE-2025-58689	2 Tapfiliate, Wordpress	2 Tapfiliate, Wordpress	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tapfiliate Tapfiliate tapfiliate allows Stored XSS.This issue affects Tapfiliate: from n/a through <= 3.2.2.
CVE-2025-58785			2026-04-28	5.4 Medium
Missing Authorization vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.2.
CVE-2025-58658	1 Wordpress	1 Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proof Factor LLC Proof Factor – Social Proof Notifications proof-factor-social-proof-notifications allows Stored XSS.This issue affects Proof Factor – Social Proof Notifications: from n/a through <= 1.0.5.
CVE-2025-58607	2 Gdprinfo, Wordpress	2 Cookie Notice & Consent Banner For Gdpr & Ccpa Compliance, Wordpress	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance: from n/a through <= 1.7.11.
CVE-2025-58265	1 Wordpress	1 Wordpress	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stonehenge Creations Events Manager – OpenStreetMaps stonehenge-em-osm allows Stored XSS.This issue affects Events Manager – OpenStreetMaps: from n/a through <= 4.2.1.
CVE-2025-58220	2 Techeshta, Wordpress	2 Card Elements For Wpbakery, Wordpress	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Techeshta Card Elements for WPBakery card-elements-for-wpbakery allows DOM-Based XSS.This issue affects Card Elements for WPBakery: from n/a through <= 1.0.8.
CVE-2025-58201	2 Aftership & Automizely, Wordpress	2 Aftership Tracking, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in AfterShip & Automizely AfterShip Tracking aftership-woocommerce-tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AfterShip Tracking: from n/a through <= 1.17.17.
CVE-2025-58016	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Codexpert, Inc CF7 Submissions cf7-submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Submissions: from n/a through <= 0.26.
CVE-2025-58023	1 Wordpress	1 Wordpress	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through <= 2.2.7.

« first previous Page 126 of 17369. next last »