Export limit exceeded: 11921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 11921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11921 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57916 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Nurul Amin WP System Information wp-system-info allows Retrieve Embedded Sensitive Data.This issue affects WP System Information: from n/a through <= 1.5. | ||||
| CVE-2025-49422 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through <= 1.9. | ||||
| CVE-2025-57917 | 3 Printcart, Woocommerce, Wordpress | 3 Web To Print Product Designer, Woocommerce, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.4.8. | ||||
| CVE-2025-57918 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ERA404 LinkedInclude linkedinclude allows Stored XSS.This issue affects LinkedInclude: from n/a through <= 3.0.4. | ||||
| CVE-2025-57920 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CK MacLeod Category Featured Images Extended category-featured-images-extended allows Stored XSS.This issue affects Category Featured Images Extended: from n/a through <= 1.52. | ||||
| CVE-2025-57928 | 2 Strategy11, Wordpress | 2 Awp Classifieds, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Code Injection.This issue affects AWP Classifieds: from n/a through <= 4.4.3. | ||||
| CVE-2025-57936 | 2 Meitar, Wordpress | 2 Subresource Integrity Manager, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Meitar Subresource Integrity (SRI) Manager wp-sri allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subresource Integrity (SRI) Manager: from n/a through <= 0.4.0. | ||||
| CVE-2025-57937 | 2 Etruel, Wordpress | 2 Wpematico Rss Feed Fetcher, Wordpress | 2026-04-15 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Retrieve Embedded Sensitive Data.This issue affects WPeMatico RSS Feed Fetcher: from n/a through <= 2.8.10. | ||||
| CVE-2025-57938 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themewant Easy Hotel Booking easy-hotel allows DOM-Based XSS.This issue affects Easy Hotel Booking: from n/a through <= 1.9.0. | ||||
| CVE-2025-49426 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dahz Kitring kitring allows PHP Local File Inclusion.This issue affects Kitring: from n/a through <= 2.8. | ||||
| CVE-2025-57939 | 3 Blocksera, Elementor, Wordpress | 3 Image Hover Effects, Elementor, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Blocksera Image Hover Effects – Elementor Addon image-hover-effects-addon-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Hover Effects – Elementor Addon: from n/a through <= 1.4.4. | ||||
| CVE-2025-57940 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Kumar Mukhiya Append extensions on Pages append-extensions-on-pages allows Stored XSS.This issue affects Append extensions on Pages: from n/a through <= 1.1.2. | ||||
| CVE-2025-57942 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Emergency Password Reset emergency-password-reset allows Cross Site Request Forgery.This issue affects Emergency Password Reset: from n/a through <= 9.3. | ||||
| CVE-2025-49429 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Burnette Video Embeds video-embeds allows Stored XSS.This issue affects Video Embeds: from n/a through <= 0.1.1. | ||||
| CVE-2025-57943 | 2 Skimlinks, Wordpress | 2 Affiliate Marketing Tool, Wordpress | 2026-04-15 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Server Side Request Forgery.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through <= 1.3.1. | ||||
| CVE-2025-49438 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object Injection. This issue affects Simple Login Log: from n/a through 1.1.3. | ||||
| CVE-2025-57944 | 2 Skimlinks, Wordpress | 2 Affiliate Marketing Tool, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through <= 1.3. | ||||
| CVE-2025-57945 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cedcommerce WP Advanced PDF wp-advanced-pdf allows Stored XSS.This issue affects WP Advanced PDF: from n/a through <= 1.1.7. | ||||
| CVE-2025-49439 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV atelier-create-cv allows Cross Site Request Forgery.This issue affects Atelier Create CV: from n/a through <= 1.1.5. | ||||
| CVE-2025-57960 | 2 Travelmap, Wordpress | 2 Travelmap, Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in TravelMap Travel Map travelmap-blog allows Cross Site Request Forgery.This issue affects Travel Map: from n/a through <= 1.0.3. | ||||