Export limit exceeded: 345450 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45497 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45497 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31861 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPOrbit Support Perfect Font Awesome Integration perfect-font-awesome-integration allows Stored XSS.This issue affects Perfect Font Awesome Integration: from n/a through <= 2.3. | ||||
| CVE-2025-31847 | 2 Themelooks, Wordpress | 2 Mfolio Lite, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themelooks mFolio Lite mfolio-lite allows DOM-Based XSS.This issue affects mFolio Lite: from n/a through <= 1.2.3. | ||||
| CVE-2025-31837 | 2026-04-15 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3. | ||||
| CVE-2025-31829 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devscred ShopCred shopcred allows DOM-Based XSS.This issue affects ShopCred: from n/a through <= 1.3.0. | ||||
| CVE-2025-31823 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through <= 1.1.9. | ||||
| CVE-2025-31819 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixelgrade Nova Blocks nova-blocks.This issue affects Nova Blocks: from n/a through <= 2.1.8. | ||||
| CVE-2025-31818 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ContentBot.ai ContentBot AI Writer content-bot allows Stored XSS.This issue affects ContentBot AI Writer: from n/a through <= 1.2.4. | ||||
| CVE-2025-31817 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWheels BlockWheels blockwheels allows DOM-Based XSS.This issue affects BlockWheels: from n/a through <= 1.0.2. | ||||
| CVE-2025-31815 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devscred Design Blocks exclusive-blocks allows Stored XSS.This issue affects Design Blocks: from n/a through <= 1.2.5. | ||||
| CVE-2024-47382 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through <= 5.6. | ||||
| CVE-2025-31812 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through <= 3.5.3. | ||||
| CVE-2025-31811 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtreeme Planyo online reservation system planyo-online-reservation-system allows Stored XSS.This issue affects Planyo online reservation system: from n/a through <= 3.1. | ||||
| CVE-2025-31801 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through <= 5.1.1. | ||||
| CVE-2024-41673 | 1 Decidim | 1 Decidim | 2026-04-15 | 7.1 High |
| Decidim is a participatory democracy framework. The version control feature used in resources is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.27.8. | ||||
| CVE-2025-31792 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through <= 1.0.30. | ||||
| CVE-2025-31790 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Binsaifullah Posten posten-post-blocks allows DOM-Based XSS.This issue affects Posten: from n/a through <= 0.0.1. | ||||
| CVE-2025-31783 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leartes.NET Leartes TRY Exchange Rates leartes-try-exchange-rates allows Stored XSS.This issue affects Leartes TRY Exchange Rates: from n/a through <= 2.1. | ||||
| CVE-2025-31778 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raphaelheide Donate Me donate-me allows Reflected XSS.This issue affects Donate Me: from n/a through <= 1.2.5. | ||||
| CVE-2024-43163 | 1 Parcel Panel | 1 Parcelpanel Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Parcel Panel ParcelPanel allows Reflected XSS.This issue affects ParcelPanel: from n/a through 4.3.2. | ||||
| CVE-2024-43164 | 2 Blockspare, Wordpress | 2 Blockspare, Wordpress | 2026-04-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Blockspare allows Stored XSS.This issue affects Blockspare: from n/a through 3.2.0. | ||||