Export limit exceeded: 45496 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45496 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58017 | 2 Bdthemes, Wordpress | 2 Utlimate Store Kit Elementor Addons, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through <= 2.8.6. | ||||
| CVE-2025-22678 | 2026-04-15 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mythemes my white allows Reflected XSS.This issue affects my white: from n/a through 2.0.8. | ||||
| CVE-2025-58018 | 2 Richard Leishman, Wordpress | 2 Mail Subscribe List, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman Mail Subscribe List mail-subscribe-list allows Stored XSS.This issue affects Mail Subscribe List: from n/a through <= 2.1.10. | ||||
| CVE-2025-32311 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Pressroom pressroom allows Reflected XSS.This issue affects Pressroom: from n/a through <= 7.0. | ||||
| CVE-2025-58020 | 2 Jeroen Schmit, Wordpress | 2 Theater For Wordpress, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordPress: from n/a through <= 0.18.8. | ||||
| CVE-2025-58021 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through <= 1.3.1. | ||||
| CVE-2025-58022 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maxpagels ShortCode shortcode allows Stored XSS.This issue affects ShortCode: from n/a through <= 0.8.1. | ||||
| CVE-2025-58028 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aum Watcharapon Designil PDPA Thailand pdpa-thailand allows Stored XSS.This issue affects Designil PDPA Thailand: from n/a through <= 2.0.1. | ||||
| CVE-2025-58030 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through <= 5.8. | ||||
| CVE-2025-32300 | 2 Digitalzoomstudio, Wordpress | 2 Video Gallery, Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital zoom studio DZS Video Gallery allows Reflected XSS.This issue affects DZS Video Gallery: from n/a through 12.25. | ||||
| CVE-2025-58031 | 2 Nextendweb, Wordpress | 2 Nextend Facebook Connect, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nextendweb Nextend Facebook Connect nextend-facebook-connect allows Stored XSS.This issue affects Nextend Facebook Connect : from n/a through <= 3.1.19. | ||||
| CVE-2025-32285 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApusTheme Butcher butcher allows Reflected XSS.This issue affects Butcher: from n/a through < 2.54. | ||||
| CVE-2025-22769 | 2026-04-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox allows Stored XSS.This issue affects Multifox: from n/a through 1.3.7. | ||||
| CVE-2025-4411 | 2026-04-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dataprom Informatics PACS-ACSS allows Cross-Site Scripting (XSS).This issue affects PACS-ACSS: before 16.05.2025. | ||||
| CVE-2025-22774 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRUDLab CRUDLab Scroll to Top crudlab-scroll-to-top allows Reflected XSS.This issue affects CRUDLab Scroll to Top: from n/a through <= 1.0.1. | ||||
| CVE-2025-22781 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Nativery nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through <= 0.1.6. | ||||
| CVE-2025-22788 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through <= 4.29. | ||||
| CVE-2025-31766 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PhotoShelter PhotoShelter for Photographers Blog Feed Plugin photoshelter-official-plugin allows Stored XSS.This issue affects PhotoShelter for Photographers Blog Feed Plugin: from n/a through <= 1.5.7. | ||||
| CVE-2025-22801 | 2 Hasthemes, Wordpress | 2 Free Woocommerce Theme 99fy Extension, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through <= 1.2.8. | ||||
| CVE-2025-23491 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikash Srivastava VSTEMPLATE Creator vstemplate-creator allows Reflected XSS.This issue affects VSTEMPLATE Creator: from n/a through <= 2.0.2. | ||||